Russell Coker wrote: > Frans Pop wrote: > > Not really. SELinux is not even close to functional after a standard > > installation. For one thing, it gets installed *after* the initrd gets > > generated and the initrd does not get regenerated, so the admin has to > > do that manually after rebooting into the installed system. > > There is no need to regenerate an initrd in Debian. I just did a standard i386 install using the instructions on the wiki  (which BTW look to be rather outdated in several respects). I did my previous test at the time of the discussion in September and remember that I did need to regenerate the initrd then to get rid of some errors. It does seem better now. However, I still had to regenerate the initrd because of the instruction to add "no_static_dev="1" for udev. I also feel that as long as you need to check for instructions in a wiki and manually edit various config files (most importantly in /etc/pam.d) in order to activate SELinux support that there is very little gain in having the packages pre-installed. Cheers, FJP P.S. Isn't selinux-basics required? It seems to be, but it was not priority standard...
Description: This is a digitally signed message part.