Hi Russell,
--On Wednesday, April 14, 2004 12:08 AM +1000 Russell Coker <russell@xxxxxxxxxxxx> wrote:
The problem with RHEL 3 is that some changes to significant parts of it are needed, coreutils, PAM, sysvinit, and a few others. The advantage for using RHEL 3 in production is that it's not changing much, so as long as those few packages aren't updated you don't need to re-compile anything. If those packages are updated then someone will have to recompile the SE Linux versions.
Yes, we're in close agreement: there's a significant burden involved in running SELinux under RHEL. Only those who're comfortable tweaking source code should even consider doing so. I'm a bit crazy <g>: I've actually backported SELinux to RHL 7.x for use in an appliance based on that release. But, I've only gotten as far as coaxing the code to compile; I haven't yet done any testing. When I do, I may find that I have a lot more work to do <g>.
Also there are some programs such as userhelper which have had SE Linux support added for which you probably wouldn't want to do a RHEL 3 port. This means that your RHEL 3 machine will lack some of the SE Linux functionality that Fedora has (you will need RHEL 4 for full functionality).
Yes, these added features are a real convenience. But, I don't find them an absolute necessity. The long maintenance horizon of RHEL 3 helps offset their absence.
With respect to RHEL 4, I'm hoping for an SELinux Christmas <g>.
Cheers,
--------------------------------------------------- Bill McCarty, Ph.D. Professor of Information Technology Azusa Pacific University
