|| ||Colin Walters <walters-AT-redhat.com>|
|| ||please try SELinux again|
|| ||Sat, 18 Sep 2004 15:40:33 -0400|
Talking with a number of people at the office, it seems a high
percentage of Fedora developers disabled SELinux during FC2 test2, which
was our first attempt at SELinux. Many other users and testers in the
Fedora community likely did so as well.
I think a lot of people are not aware that things have changed (and
generally improved) dramatically since then.
Instead of the original "strict" policy which covered everything, a new
"targeted" policy has been developed which only applies SELinux
restrictions to a few select system daemons. Regular user login
sessions are unrestricted.
This targeted policy will be enabled by default for FC3. But those of
you who are upgrading from existing systems, if you earlier added
selinux=0 to your grub config, or disabled it in /etc/sysconfig/selinux,
will not be testing the new policy.
Please: undo those changes, and give it another try. Be sure
that /etc/sysconfig/selinux has these two lines:
Also be sure you don't have selinux=0 in your grub configuration.
fedora-devel-list mailing list
to post comments)