Talk:SELinux/Installation
This is a Talk page - please see the documentation about using talk pages. Add newer comments below older ones, sign comments using four tildes (
~~~~
), and indent successive comments with colons (:
).
Add new sections at the bottom of the page, under a heading (== ==
). Please remember to mark sections as "open for discussion" using {{talk|open}}
, so they will show up in the list of open discussions.Update
Very interesting documentation for starting on it, but I think an update with new profile (17.0 stable and/or 17.1 exp) is needed. On new profiles, it seems the /tmp is on the context without edit fstab and with OpenRC. Also, is possible add a command for list actual context, for example check if the tmpfs really complies the rules? Regards. Mustela (talk) 09:31, 7 September 2018 (UTC)
LSM
In the latest kernels, there is no “Default security module”. Instead one have to use “Ordered list of enabled LSMs”. The documentation should be updated accordingly. Sorry if I cannot do it myself, I am totally new at using SELinux and wouldn’t want to write something wrong. Stéphane, Gentoo in the Alps (talk) 17:04, 9 April 2021 (UTC)
I'm not sure when this changed, but the listed USE flags are wrong for the sec-policy/selinux-base package. ILMostro (talk) 07:41, 24 November 2021 (UTC)
PaX/grsecurity recommendation
It is seriously recommended to use SELinux together with other hardening improvements (such as PaX / grSecurity).
Is the PaX/grsec recommendation still relevant considering they stopped giving the patches out for free? The hardened-sources kernel used to provide grsec, but that's long gone now and the only way to use it would be to provide the patches yourself. I feel like this recommendation would only confuse users who aren't familiar with the grsec story already. xxc3nsoredxx (talk) 04:15, 18 October 2022 (UTC)
When to reboot?
reboot after rebuild is mentioned, but nowhere in there a mark actually saying "reboot now"? --Damobrisbane (talk) 22:59, 7 March 2023 (UTC)