On Thu, Jul 19, 2012 at 12:24 PM, Mateusz Marzantowicz <mmarzantowicz@xxxxxxxxxxx> wrote: > Why is using of SELinux on Fedora (I don't have experience with other > distros) so painful from a regular user perspective? > > I'm talking about situation in which after installing stock packages and > "just running" applications I'm spending more time with SELInux Alert > Browser than any other system management utility. > > You'd probably say that it's my fault, that I messed up with selinux > settings (yes, I confess, I've enabled samba sharing on some of my > directories under home but I've done this based on official Wiki) but > actually I only followed instructions from alert browser. I've applied > custom policies for one or two files that I then removed after one or > two hours. > > I think that right now my system is as secure as with selinux disabled > because of all that modification that I've made. I'm not an idiot but I > really can't track all security policies that are active in my desktop > system used for daily work. > > Do I really need to became security expert specialized in SELInux to use > my system? I started reading about selinux design and configuration but > I think it's a waste of time. My current selinux problem is caused by > systemd-tmpfiles trying to cleanup my /tmp dir where I copied some files > from home directory to play with and ... left them for automatic > cleanup. Solution is obvious - remove files form /tmp manually but then > autoremover mechanism provided by Fedora is redundant. > > Is there a chance that someday users will use selinux without even > noticing it's installed? You do understand that ranting (as opposed to reporting bugs / sending fixes / etc) will get you nowhere, right? - Gilboa -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org