Forward looking to FC2 final and SELinux

Jesse Keating jkeating at j2solutions.net
Wed Apr 7 01:44:50 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 06 April 2004 18:08, David T Hollis wrote:
> This thread helps confirm my predictions as to what will happen with the
> Fedora Core 2 release.  We've seen this sort of thing in times past with
> various Red Hat releases.  It will go something like this:
>
> 1) Fedora Core 2 released with SE Linux support
> 2) Various user groups complain loudly with quotes such as:
> "Red Hat has finally done it, I'm switching to Gentoo!"  
> "Red Hat doesn't care about the end user"
> "Debian is where it's at"
> "KDE Rulez!"
> "I'm never going to buy a Red Hat product again"
> "RH is conspiring with NSA to spy on us!"
> 3) Various other distros will be incorporating SE Linux and within a
> years time, all major distros will ship with SE Linux functionality
>
> Look at times past that we have seen RH incorporate a "bleeding edge"
> functionality into the core to much criticism, only to prove that they
> were really just leading the charge.  Going way back, we have the great
> glibc2 migration.  Everybody wanted to go there, nobody did because it
> was such a massive change.  Who remembers libc5 these days?  The gcc
> 2.96 debacle.  OK, so it may have not been the best decision but gcc was
> really stuck at the 2.95 series for eons.  Now there are new gcc
> releases every few months.  How about BlueCurve?  RH's attempt to kill
> KDE and take over the project.  I think they may have even hired hitmen
> to take out all of the KDE developers.  Boy, that sure killed the
> desktop on Linux by blurring the lines didn't it...  Hmm, seems like
> some other distros have started doing this as well.  I don't know about
> you, but I can't stand it when all of my apps look the same...
>
> For those of you out there that are really concerned with SE Linux, be
> patient.  Maybe skip FC2 until the bugs get worked out.  If you have
> some non-critical or test systems, throw it on there and try things out.
> Report bugs so they can get fixed.  It will be alright.  In the end, you
> will be more better off than you will ever know.  If you don't want to
> see such garbage hitting Linux as SQL Slammer, Nimda, CodeRed, Nachia,
> etc etc etc, SE Linux will be a great step towards preventing it.

I'm not asking to remove SELinux from the distro, that would be silly.  But 
I am asking to just make the default for it to be off.  This is not that 
big of a request.  Those that CAN and WOULD test and help make SELinux 
better, CAN click to enable it.  Those that cannot can blindly click next 
like they usually do and won't run into all the problems that SELinux 
imposes currently.

So, it's not a matter of have SELinux in the distro or not, it's a matter 
of usability and exposing the RIGHT option to the end user.  Much like 
other advanced features are hidden from the (to borrow Jef "I have a big 
middle name" Spaleta's phrase) average meathead, SELinux should be not 
exactly hidden, but just disabled by default.  It would go a long way 
toward making the distro desireable.

I'm thinking of this as a person who has to provide end user support for 
these releases, as well as somebody who is involved in writing books for 
these releases.  I really need the distro to be usable, and desireable.

So, I'd really appreciate any comments that go toward why the SELinux 
choice in Anaconda should default to enabled.  Valid reasons.  Please.

- -- 
Jesse Keating RHCE	(http://geek.j2solutions.net)
Fedora Legacy Team	(http://www.fedoralegacy.org)
GPG Public Key		(http://geek.j2solutions.net/jkeating.j2solutions.pub)

Was I helpful?  Let others know:
 http://svcs.affero.net/rm.php?r=jkeating
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAc10W4v2HLvE71NURAnJsAJwM4Ro9c4DK86cAHAlPKwpY2ymRxQCfbGu6
VXHzW5zGdr3L/oMn8a3wf7o=
=aUzn
-----END PGP SIGNATURE-----





More information about the fedora-devel-list mailing list