New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
You've got a good decade before it'll be implemented in Debian- don't worry about it.
I use it on fedora and it hasn't been a problem. Probably a good thing.
Debian already "has" SELinux. It's just not as well supported and requires manual installation and much more manual maintenance.
Also, you may want to compile the upstream refpolicy from scratch. -> https://github.com/TresysTechnology/refpolicy
Biggest issue yet is with the Debian packages that are not out of the box SELinux ready. There goes the manual work you'd have to do. To answer your original question, there is hope that Debian adds policies out of the box in stretch. -> https://packages.debian.org/stretch/selinux-policy-default
What I actually meant was what if Debian 9 gets it "bundled" in the final version, just like systemd?? or not quite likely ?
There was systemd workarounds
Has there been a recent upsurge of Debian users demanding SElinux?
Where have you been the last year? There were millions of Debian users on the street 2016, fighting for SELinux!
There were millions of Debian users on the street 2016, fighting for SELinux!
lol, Every guide I read 3-4 years back for CentOS would actually start with "Disable SELinux" and mentioned it more like an annoyance. Heck, I have it noted in my CentOS install notes too!
So.. was wondering what/why/when this would make into Debian.
Ah...that explains the crowds at the airport and the marching and stuff. I was wondering what was going on.
:-)
I may misremember, but I think that "Disable SELinux" is preselected if you install CentOS 7 from an ISO. (Or do I misremember?)
This is a useful video from Red Hat to watch in one's free time:
Laziness mostly, SE-Linux isn't necessarily a bad thing but it does need the policies configuring properly for the applications running on the system