[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Forward looking to FC2 final and SELinux

From: "Chris Kloiber, RHCX" <ckloiber redhat com>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Cc:
Subject: Re: Forward looking to FC2 final and SELinux
Date: Thu, 08 Apr 2004 16:16:32 +0800

On Thu, 2004-04-08 at 14:46, Alexandre Oliva wrote:
> On Apr  7, 2004, Matias Feliciano <feliciano matias free fr> wrote:
> 
> > Le mar 06/04/2004 à 20:59, Jesse Keating a écrit :
> >> [...]
> >> The option for SELinux should continue to be exposed during the install 
> >> (and kickstarts), but default to off.
> 
> > +1
> 
> How would you feel about permissive mode instead of disabled as the
> default?

I would like to see permissive mode the default, but don't spam
/dev/console. Instead log the avc errors to a different local# facility,
and capture that information separately from /var/log/messages. A gui
log viewer specifically for the selinux.log that could parse the denial
messages and propose policy source changes on a per-application basis
would be very nice, probably a pipe dream short term though.

-- 
Chris Kloiber, RHCX
Red Hat, Inc.

Follow-Ups:
- Re: Forward looking to FC2 final and SELinux
  - From: Arjan van de Ven
- RE: Forward looking to FC2 final and SELinux
  - From: Karl MacMillan

References:
- Forward looking to FC2 final and SELinux
  - From: Jesse Keating
- Re: Forward looking to FC2 final and SELinux
  - From: Matias Feliciano
- Re: Forward looking to FC2 final and SELinux
  - From: Alexandre Oliva

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]