On 12/18/10 08:20, David Brodbeck wrote:
On Fri, Dec 17, 2010 at 8:02 AM, Jerry McAllister<jerr...@msu.edu> wrote:
Anyway, SeLinux ain't 100% popular over there I noticed.
Maybe it is just a matter of getting used to it. I got
tired of reading the posts on it, so haven't figured out
if they were substantive or just whiney.
The problem with SELinux is it becomes very difficult to configure
properly if you don't have a normal, out-of-the-box configuration.
For example, I never did figure out how to keep it from blocking an
rsync backup. I disabled it after that, because a system I can't back
up is pretty useless no matter how secure it is. :)
I always thought it was a PITA, but I did figure out a couple of things
(after hours fart-assing around). You have to take the error and make it
into a module that allows the process to continue, but I don't blame
anyone for just walking away- sometimes even then it still didn't work.
Mind you, unlike most things, you can't just stow the info away for
quick retrieval to adjust something on the fly- it still takes you that
long again: 1) you have to follow a different method again for each
instance and 2) its an impossible process to remember! :)
Not to mention that it can cascade errors... its a hydra- fix one and
another 2 errors crop up!
As for whiney- I was one of those (supposedly), and you're just told to
shut up and take it because security is more important, and you should
take the time to learn something (that will take the same length of time
to fix _every_ time). I agree on the security, but the usage and howto
shouldn't be so obscure as to confuse even the most determined learner.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
