I run SELinux on all my boxes, including my desktop. It's not a big hassle
because the default targeted policy is aimed at the daemons,leaving normal
user operations running unconfined. If you can get the daemons sorted out
so that the SELinux policy matches the way you are using them, it doesn't
get in the way.
Daniel's issue is that he is using the tftp daemon in a way not currently
covered by policy. He doesn't appear to have the patience to either tweak
the policy to make it work for the way he's using the system, or to raise
the issue on the selinux list or in bugzilla. So SELinux is not likely to
get any better for him unless someone else has the same issues and works
them through, getting the necessary changes made so that everyone benefits.
First just let me say that i was asking about that, wasn't me who had
problems with tftp.
But im not waiting for anybody to the job that belongs to me, i just wont
use selinux until IT works properly. (why i have to disable it on a fresh
install to make things work?). There are many people that just turns it off
or downgrade it functions to make they'r things work instead of trying to
fix it for 2 mainly reasons:
we'r lazy, or we don't have the time to investigate it and try to fix it.
I insist, why i have to trust on something that i have to tweak to make it
work properly on my computer? I mean, i don't know how to do it, will take
me a lot of time to learn it, so i don't trust on my skills to do it,
(therefore it don't think it'll work fine), so i just prefer to shut it
down, or whatever, to make my services go outside.
And a last thing Paul, i think i need to know a lot more to give an opinion
on how things can be improved. I appreciate a lot so many ppl helping
others, but i don't feel the knoweledge to be one of thems.
Daniel.
