Tom Horsley wrote:
Tom we need to find place in /etc/rc.d/init.d/ where we can turn
selinux OFF! If your not using it don't let init turn anything on. I
will watch this computer come on and see if Selinux is turned on. I
think it is.
Turning it off is easy, I'm trying to get rid of the packages so I
don't have to keep downloading updates for them :-).
P.S. To turn it off edit /etc/sysconfig/selinux and tell it to be
disabled (or if you are a belt and suspenders guy, you could also
edit /boot/grub/grub.conf and put selinux=0 as a kernel boot option).
P.P.S. Trying to remove everything except libselinux doesn't work,
it still insists on removing every rpm on the system. Trying again
with all the other lib-whatever packages associated with selinux
give the same results. It acts a lot like everything depends on
every selinux package.
The most actively updated selinux package is selinux-policy. So you
should be able to remove this without too many dependencies.
policycoreutils does have lots of packages that require it so getting
rid of it will be a problem. libselinux is a core library which you
can't remove. libsemanage and libsepol are required by policycoreutils.
So I would just remove selinux-policy-* and you should see far less updates.
