Re: Request to re-add option to disable SELinux - compromise

Rahul Sundaram wrote:
jeff wrote:
But there are numerous other justifications I could give, including my
personal belief that it's absolutely nuts to thrust SE Linux upon
unsuspecting Desktop users (who don't know what it is anyway) without
giving them the choice to turn it off.

If they don't know what it is, how are they supposed to decide to shut
it off or not?

Perhaps by way of a compromise it could be noted in the installation docs if you want to disable SELinux you should add "linux selinux=0" to the boot: line of the install CD. This would make the option available the same way that xfs/reiserfs/jfs are available. The user isn't confronted with it, but Linus[1] can then easily disable it at install time.

The policy has already been fixed

Which policy? The no dialog box in anaconda? I'm not saying it should be restored. I'm offering a workaround with *no* dialog box, default installs get SELinux, but users that *know* they don't want SELinux still have an option for it at install time.

and swfdec isn't installed by default so there is no need to do that.

I didn't mean to drag swfdec into this--I pointed at that bug for this quote (which I should have made more clear):

torvalds linux-foundation org wrote[1]:
"Normally I just turn selinux off"

It is already documented in the SELinux FAQ now but installation guide can have a reference too.

Well, it would require *slightly* more than just that: like a couple lines in anaconda to make sure that selinux=0 got passed to grub.conf. That's it though. Very very unobtrusive.

> File a RFE.




[1] https://bugzilla.redhat.com/show_bug.cgi?id=439858#c31

