[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Override changes standard -> optional

Russell Coker wrote:
> Frans Pop wrote:
> > Not really. SELinux is not even close to functional after a standard
> > installation. For one thing, it gets installed *after* the initrd gets
> > generated and the initrd does not get regenerated, so the admin has to
> > do that manually after rebooting into the installed system.
> There is no need to regenerate an initrd in Debian.

I just did a standard i386 install using the instructions on the wiki [1] 
(which BTW look to be rather outdated in several respects).

I did my previous test at the time of the discussion in September and 
remember that I did need to regenerate the initrd then to get rid of some 
errors. It does seem better now.

However, I still had to regenerate the initrd because of the instruction 
to add "no_static_dev="1" for udev.

I also feel that as long as you need to check for instructions in a wiki 
and manually edit various config files (most importantly in /etc/pam.d) 
in order to activate SELinux support that there is very little gain in 
having the packages pre-installed.


P.S. Isn't selinux-basics required? It seems to be, but it was not 
priority standard...

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: