Re: SELinux on Fedora 17 - troubles, troubles, troubles, ...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/19/2012 04:24 AM, Mateusz Marzantowicz wrote:
Why is using of SELinux on Fedora (I don't have experience with other
distros) so painful from a regular user perspective?

I'm talking about situation in which after installing stock packages and
"just running" applications I'm spending more time with SELInux Alert
Browser than any other system management utility.

You'd probably say that it's my fault, that I messed up with selinux
settings (yes, I confess, I've enabled samba sharing on some of my
directories under home but I've done this based on official Wiki) but
actually I only followed instructions from alert browser. I've applied
custom policies for one or two files that I then removed after one or
two hours.

I think that right now my system is as secure as with selinux disabled
because of all that modification that I've made. I'm not an idiot but I
really can't track all security policies that are active in my desktop
system used for daily work.

Do I really need to became security expert specialized in SELInux to use
my system? I started reading about selinux design and configuration but
I think it's a waste of time. My current selinux problem is caused by
systemd-tmpfiles trying to cleanup my /tmp dir where I copied some files
from home directory to play with and ... left them for automatic
cleanup. Solution is obvious - remove files form /tmp manually but then
autoremover mechanism provided by Fedora is redundant.

Is there a chance that someday users will use selinux without even
noticing it's installed?


Mateusz Marzantowicz


Howdy -

Take a look at http://www.youtube.com/watch?v=e_dzkYlXggM and http://people.redhat.com/tcameron - there's a presentation there called "SELinux for Mere Mortals"

Hopefully it helps with your SELinux questions.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux