On Fri, Oct 19, 2007 at 09:04:24AM +0930, Tim wrote: > On Thu, 2007-10-18 at 16:45 +0100, Chris G wrote: > > I didn't even install it but I still get SELinux security messages in > > my log file. I suspect that "turning it off" will have even less > > effect than not installing it to start with. > > Why do you jump to that conclusion? I have other installed software > that's usually turned off, it does nothing unless run. I don't expect a > disabled SELinux to be any different. > But it is, it runs and outputs messages in my logs which say that it has stoppped some things which would otherwise have happened (apache access to some files if I remember). OK, this isn't actually 'running' it but from a users point of view it's no different. If, when asked if I want X installed I say no and then later I see in my logs 'X has done something', what else am I to conclude. As I said before I think it's more of an issue of education and documentation and wording. When the installation process asks if I want SELinux or not it should maybe be asking if I want certain SELinux functions to operate rather than whether I do or don't want it as a whole. > You did install it, you can't avoid it. You don't have to use it, > though. > Yes, OK, but that's not what it sounds like when you say 'No thank you' during the installation process. -- Chris Green
