Announcement

Collapse
No announcement yet.

SELinux Continues Path Of Deprecating Run-Time Disabling

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #21
    Originally posted by sarmad View Post
    If SELinux was designed properly people wouldn't need to disable it at run time. But it's just over-complicated, making it easier to just disable it when testing stuff than wasting time trying to figure out how permissions can be given in SELinux.
    SELinux is one of the reasons I stay away from Fedora.
    Using SELinux slows down some operations and in many cases SELinux is not needed.
    Hardcoding it and/or blocking disable it on boot time removed flexibility.

    Comment

    • #22
      Originally posted by Espionage724 View Post

      I don't even know AppArmor exists on openSUSE and Ubuntu. I guess it's there protecting things. I don't exactly know if it protects things without a profile, as I've set-up webservers, databases, and game servers all without seeing mention of AppArmor.

      SELinux is also silent on Fedora Workstation, but it becomes real visible when hosting servers. I don't need to make a rule to turn SELinux on; it's just on, everywhere. I have to make rules most of the time to allow certain functionality with servers.
      Ok i dont know this one realy, but AppArmor has all the profiles allready on when you use suse, and the suse kernel has all build in apparmor selinux yama tomoyo and how they are called, and if you want to switch to selinux there are selinux packages, and there are packs and docs for yama and tomoyo aswell.

      edit
      Yama — The Linux Kernel documentation
      TOMOYO Linux – Wikipedia

      not that ppl think i´m tomoyo and do yama ​​
      Last edited by erniv2; 05 October 2022, 11:06 PM.
      • Likes 2

      Comment

      Previous 1 2 3 template Next
      Working...
      X