On Fri, 2007-10-12 at 14:38 -0600, Karl Larsen wrote: > FILE LABELING > All files, directories, devices ... have a security context/label > associated with them. These context are stored in the extended > attributes of the file system. Problems with SELinux often arise from > the file system being mislabeled. This can be caused by booting the > machine with a non selinux kernel. If you see an error message containing > file_t, that is usually a good indicator that you have a serious > problem with file system labeling. > > Now I have used some of these ideas today. The list suggested and I did. > But this stuff is not the kind of thing a person not using Linux in > business wants to know about. Well, how many business users, that aren't computer savvy enthusiasts do you expect to be dual-booting with different kernels? You'll probably find that not-only do many business users not do anything near the complexity of that, many don't even bother with installing any updates. Normally, you can expect SELinux to be something that just happens in the background, along with a thousand other things that you don't know about your computer. Also, there's a plethora of *other* things that can go wrong that can be just as flumuxing to the user. > So why would a desktop user ever want to run SELinux :-) For added security. This has been discussed to death, and not too long ago. Go back and read the old threads about it. The sky is NOT falling. -- (This box runs FC7, my others run FC4, FC5 & FC6, in case that's important to the thread.) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.