[OBORONA-SPAM] SELinux works like a charm in Ubuntu!

[Gabriel Dragffy]

Joel Bryan Juliano wrote:
> SELinux does wonders on my Feisty machine. I noticed that when it's turn 
> on, applications don't get any noticeable delays when loading, I can run 
> QEMU now without sacrificing the performance of the host OS. Everything 
> runs so smooth. Networking also runs well without any problems, Sharing 
> files using gshare (Avahi FTP Daemon), SAMBA works, and other host can 
> connect to me without problems. I can even connect to this PC by my 
> .local address and grab the correct time in the internet using ntpd. I 
> have done alot of searching on the net because I was so reluctant about 
> it, I have fears about the effects on compiling a program, but couldn't 
> find any, so I just tried it myself and to my surprise It works like a 
> charm, and doesn't affect the compiled programs.
> 
> The only settings that is not working in Ubuntu is enforcing mode, which 
> will not boot the machine, but permissive with strict policy works. I'm 
> using targeted policy.
> 
> To install SELinux, just grab selinux-basics and it would install the 
> targeted policy. The strict policy and src policy would have to be 
> installed manually. After that you'll have to enable it at boot with 
> selinux=1 option.
> 
> Just sharing this wonderful features most of us doesn't use.
> 
> -- 
> Carpe Diem
> 


permissive is next to useless unless you are trouble-shooting. FC6 does 
a good job with SELinux, even then you have to disable its protection 
for the smbd (if u wanna use samba, that is)