On 05/26/2010 08:44 AM, Benjamin Franz wrote:
> I can make a useful argument from experience. Over the last few years, as Red Hat has progressively deployed SELinux, I have had *several* incidents (the most recent only a few weeks ago) where updates to SELinux broke existing, stable systems, each time sucking up hours of my time to diagnose and fix. And (as in this incident) there are not always useful error messages to track it with.

Except that in this incident, there WERE useful error messages. The OP simply didn't know that he needed to look in /var/log/audit/audit.log.

> The *theoretical* system security improvement of SELinux is trumped by the *practical* observation that I have had existing systems broken by SELinux multiple times on the mere handful of systems I have run it on in enforcing mode, but have yet to see a single one of several dozen (all internet-exposed) up-to-date *non*-SELinux systems hacked.

You are comparing two unlike things. You can't very well judge the benefits of SELinux based on a system which hasn't needed its protection.

> It is a 'safety' feature that is in practice more dangerous to system stability than what it is trying to fix.

I advise administrators to test all updates on non-production systems. SELinux updates are no exception.
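The reply's practical point is that SELinux does tell you what it blocked: every denial lands as a `type=AVC` record in /var/log/audit/audit.log. As an added example (not part of this thread and not a Red Hat tool), the Python script below parses those AVC records and groups them by source domain, target type, object class and permission, which is the first thing to look at when an update breaks a previously working service. The sample log lines are constructed for the example; the field layout follows the audit.log format but the pids, inodes and contexts are made up.

```python
import re
import sys
from collections import Counter
from datetime import datetime, timezone

# Constructed sample records in the layout of /var/log/audit/audit.log.
# Values (pids, inodes, contexts, timestamps) are invented for this example.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1274886245.123:4567): avc:  denied  { read } for  pid=2424 comm="httpd" name="index.html" dev=dm-0 ino=131073 scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1274886245.123:4567): arch=c000003e syscall=2 success=no exit=-13 items=0 ppid=2400 pid=2424 comm="httpd" exe="/usr/sbin/httpd" subj=root:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1274886245.890:4568): avc:  denied  { read } for  pid=2425 comm="httpd" name="style.css" dev=dm-0 ino=131074 scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1274886301.004:4590): avc:  denied  { name_connect } for  pid=2424 comm="httpd" dest=3306 scontext=root:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
"""

# "type=AVC msg=audit(<epoch>.<ms>:<serial>): avc:  denied  { perm ... } for  key=value ..."
AVC_RE = re.compile(
    r"^type=AVC msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): "
    r"avc:\s+(?P<decision>denied|granted)\s+\{ (?P<perms>[^}]*) \} for\s+(?P<rest>.*)$"
)
# key=value pairs; values are either double-quoted strings or bare tokens
KV_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def context_type(ctx):
    """Return the type field (third component) of a user:role:type:level context."""
    parts = ctx.split(":")
    return parts[2] if len(parts) >= 3 else ctx


def parse_avc(line):
    """Parse one audit.log line; return a dict for AVC records, None for anything else."""
    m = AVC_RE.match(line.strip())
    if not m:
        return None
    fields = {}
    for kv in KV_RE.finditer(m.group("rest")):
        key, quoted = kv.group(1), kv.group(3)
        fields[key] = quoted if quoted is not None else kv.group(2)
    return {
        "time": datetime.fromtimestamp(float(m.group("ts")), tz=timezone.utc),
        "serial": int(m.group("serial")),
        "decision": m.group("decision"),
        "perms": m.group("perms").split(),
        "fields": fields,
        "source_type": context_type(fields.get("scontext", "")),
        "target_type": context_type(fields.get("tcontext", "")),
    }


def summarize(text):
    """Count denials by (source type, target type, object class, permission)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec["decision"] != "denied":
            continue
        for perm in rec["perms"]:
            key = (rec["source_type"], rec["target_type"],
                   rec["fields"].get("tclass", "?"), perm)
            counts[key] += 1
    return counts


def format_report(counts):
    """Render the summary one line per (source, target, class, perm), most frequent first."""
    lines = []
    for (src, tgt, tclass, perm), n in counts.most_common():
        lines.append(f"{n:5d}  {src} -> {tgt} ({tclass}) denied {perm}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Usage: python avc_summary.py /var/log/audit/audit.log  (defaults to the sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            data = fh.read()
    else:
        data = SAMPLE_AUDIT_LOG
    print(format_report(summarize(data)))
```

Run against a real audit.log, the report shows at a glance which confined domain (here `httpd_t`) is being denied what on which label, which is the information needed to decide whether the fix is a relabel, a boolean, or a local policy module. Comparing the same summary taken before and after an update on a non-production box is a direct way to apply the advice in the last line of the reply.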