[arch-general] base stuff (was: Change Arch's default crond)
Tom Gundersen
teg at jklm.no
Wed Apr 6 21:53:23 EDT 2011
On Thu, Apr 7, 2011 at 6:46 AM, Thomas S Hatch <thatch45 at gmail.com> wrote:
> On Wed, Apr 6, 2011 at 4:32 PM, Heiko Baums <lists at baums-on-web.de> wrote:
>
>> Am Wed, 6 Apr 2011 16:25:42 -0600
>> schrieb Thomas S Hatch <thatch45 at gmail.com>:
>>
>> > As for adding SELinux support in base but keeping it turned off by
>> > default, +1
>>
>> Then you mean adding it to [core]. (base) is supposed to be installed
>> on every system. And SELinux is definitely not necessary for a minimal
>> base Linux installation.
>>
>> Heiko
>>
>
> SELinux is a compile flag in the kernel and base utils, it is not required
> for a minimal system, but just adding the compile flags is a minor change
> and makes setting up more secure systems a possibility.
>
> I think that the only reason it is omitted is because most people are
> horrified by it, but if it is disabled by default then it is off and no one
> need know that support is compiled in.
I would just like to chime in and point out that if we want to allow
selinux, then we would need someone committed to supporting it. I have
never used it myself, but from what I hear it would need to be
supported by things like initscripts to be used properly. If such
support can be added elegantly and securely then I am not opposed to
it.
Cheers,
Tom
More information about the arch-general
mailing list