Disabling selinux question
Eric Paris
eparis at redhat.com
Thu Jan 3 22:34:00 UTC 2008
On Thu, 2008-01-03 at 23:21 +0100, Linus Walleij wrote:
> Here's a spinoff relating to selinux from discussions around
> system-config-services and its UI. selinux seem to involve the following
> services/daemons:
>
> auditd
selinux uses auditd but they are not at all closely coupled. selinux
will function fine without auditd and auditd provides all of its
capabilities without selinux. There is no reason these 2 should be
coupled together.
> mcstrans
> restorecond
> setroubleshoot
>
> If I use system-config-selinux or anaconda to disable SELinux altogether,
> then none of these are disabled accordingly. The only case seems to be
> that auditd is turn on if I disable them all manually and then enable
> SELinux.
I don't think as a general rule that we couple services ever (maybe we
do and i just don't know it) but I don't think disabling your mta is
going to disable webmail. I however don't think it would be
unreasonable to file an anaconda bug and say that if selinux is disabled
the above 3 programs shouldn't be set to automatically start. If that
goes anywhere you could file against system-config-selinux (or vice
versa)
-Eric
More information about the fedora-devel-list
mailing list