On 1/16/06, *Justin Conover* <justin.conover@xxxxxxxxx
<mailto:justin.conover@xxxxxxxxx>> wrote:
On 1/16/06, *Jim Cornette* < fct-cornette@xxxxxxxxxxxxxx
<mailto:fct-cornette@xxxxxxxxxxxxxx>> wrote:
Rahul Sundaram wrote:
goemon@xxxxxxxxx <mailto:goemon@xxxxxxxxx> wrote:
> On Mon, 16 Jan 2006, Rahul Sundaram wrote:
>
>> goemon@xxxxxxxxx <mailto:goemon@xxxxxxxxx> wrote:
>>
>>> On Sun, 15 Jan 2006, Tom wrote:
>>>
>>>> Can Fedora install, r/w to existing R_FS partitions?
>>>
>>>
>>> Yes, but you will need to disable selinux. selinux does not
run well
>>> (or really, at all) on anything except ext3 at the moment.
>>> But I have had enough problems with selinux even on ext3
that I
>>> usually install with selinux disabled anyway. Maybe by FC6
all the
>>> selinux issues will be sorted out for production servers :)
>>
>>
>> Hmm. Does that mean that hundreds of thousands of RHEL 4
systems
>> running SELinux is just a flick out of my creative imagination?
>
>
>
> No it just means that I personally (and others) have issues
with FC4
> selinux on production servers, and that redhat has sarcastic and
> snippy employees.
>
> i'm pretty sure i'm not imagining selinux issues:
>
https://bugzilla.redhat.com/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=MODIFIED&bug_status=NEEDINFO&bug_status=REOPENED&field0-0-0=product&type0-0-0=substring&value0-0-0=selinux&field0-0-1=component&type0-0-1=substring&value0-0-1=selinux&field0-0-2=short_desc&type0-0-2=substring&value0-0-2=selinux&field0-0-3=status_whiteboard&type0-0-3=substring&value0-0-3=selinux
<https://bugzilla.redhat.com/bugzilla/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=MODIFIED&bug_status=NEEDINFO&bug_status=REOPENED&field0-0-0=product&type0-0-0=substring&value0-0-0=selinux&field0-0-1=component&type0-0-1=substring&value0-0-1=selinux&field0-0-2=short_desc&type0-0-2=substring&value0-0-2=selinux&field0-0-3=status_whiteboard&type0-0-3=substring&value0-0-3=selinux>
>
Production systems do not mean bug free. If so there are no
production
systems at all. Just look at the number of bugs filed against
any of the
major components like Kernel, Openoffice.org
<http://Openoffice.org>. Evolution etc and you
would find that bug reports are not by itself a decisive
factor. You
also include bugs in NEEDINFO which requires information from
the bug
reporter. NEW bugs are unconfirmed ones. MODIFIED ones might
require
confirmation from the reporter before being closed. There are
invalid
bug reports and feature enhancements as well in there. Nobody
claimed
the components are bug free.
Does ReiserFS handle SELinux content now? I seem to recall that a
filesystem other than ext2 / ext3 was capable of accomidating
SELinux
content. Is the progress less than expected by this date?
Regarding SELinux, it has problems, but the problems are usually
dealt
with quickly when information can be supplied to pinpoint where the
adjustments that need to be made. I find SELinux still to be rather
cryptic. It does however ease worries a bit that critical
services and
processes are protected better than possible on a system where
SELinux
is not used.
Jim
--
XFS has also been supported.
I should mention if your going to use xfs, you should use it on fs
afterwards with ext3 on /boot and /
Reason being is xfs with selinux should use inode size 512 instead of
default 256
mkfs.xfs -i size=512