On Mon, 2004-11-15 at 11:11, Dave Roberts wrote: > Okay, so I'm sitting here with a nice, stable FC1 configuration. Today, > it has seen uptime of over two months. In short, works great. No reason to upgrade unless there is something you need/want in the new release. I think fedora legacy project may still be providing security updates for FC1. If you want to stick with that for a while longer that may be a good place to check. > > Now, of course, FC3 includes SELinux as an installation option. This is > both interesting to me and also the potential for a problem since: > 1. SELinux is relatively new and this is the first mass deployment of > it. I remember that it got removed from FC2 while some kinks got worked > out there. > > 2. There is a learning curve and I'm at square 1 with it. > So, suggestions? > Currently selinux is only enabled on new clean installs and for a targeted policy. I believe this means it runs against a limited set of services unlike strict mode which means everything. So far there have been a few postings about possible selinux issues but over all not that many. Worst case scenario is you disable selinux if seems to cause problems with anything you are trying to run. Obviously it is worth a little bit of time to sort out the problem first but if it is determined that selinux is causing you a problem and is not easily corrected by reconfiguration or an available patch just disable it until the problem is resolved. You gain by learning a little bit about how selinux works and the community gains by having some more testing done. If selinux is the only reason for not moving to FC3 then I think it is a minor reason. It would take other problems to prevent such a move IMHO. But you have to judge that for yourself. -- Scot L. Harris webid@xxxxxxxxxx You can be replaced by this computer.
