On Thu, Feb 13, 2025 at 12:45 PM Knurpht-openSUSE <knurpht@opensuse.org> wrote:
Op donderdag 13 februari 2025 18:11:33 Midden-Europese standaardtijd schreef Miguel Rozsas:
I think it was a bad move.
From my previous experience with RHEL, SELinux is unmanageable by the regular user.
No idea who/what message you are quoting here
If the user does not find a proper fix to this problem, they just put SELinux in permissive mode or even worse, disabled and never think about it again.
They will learn soon enough.
I would like to know if this issue has been sufficiently discussed with the user community (not just among devs) and if there is any reason, in addition to following the trend, that motivated this decision.
Please no. Development is not some kind of democracy process. Every litle change would take ages of discussions with people that have no indepth knowledge, yet do have opinions, to implement if it was.
What are the problems with AppArmour that SELinux will solve/fix ?
I think the wiki and project webpages provide that info.
This was also discussed last year in depth: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/Y... To put it simply: SELinux has a larger community, it is better accepted for higher security environments, and it has a much better upstream development story. It was first proven out with openSUSE MicroOS with Richard and myself doing the initial enablement work. I also wound up daily driving it for Tumbleweed for some time and worked with some of the security folks to resolve stuff I discovered. Overall, the experience is fairly good these days. I've been a daily driver of SELinux on my openSUSE machines for five years now with great success and no real issues cropping up (KDE Plasma on Wayland, regular workload including gaming and software development, etc.). -- 真実はいつも一つ!/ Always, there's only one truth!