Wednesday 2 December 2009

SELinux and more

My little laptop is pretty much back to normal, or rather the new normal, now I've had a chance to sort it out. I still have some small problems with it, but apparently they're either there to help the community, and be a pest to me, or they're there because there's no other reason except to be a pest.

For example, SELinux.
Now, my understanding is that it's meant to aid in system security. I have never had a single problem on my network. I run exactly zero antivirus guard with a resident shield. Periodic scans for both viruses and malware return nothing. If there is a network problem, it either originates with a mistake I made, or a mistake on the computer having the problem.
I have no need for SELinux.

However, it seems to be built into Fedora 12, and it seems to fall into the category of "There to help the community, but be a pest to the user" as in it's Enforcing mode, it allows me to do nothing beyond log in, and log out.
In Permissive mode, it allows me to do some more, then waits until I have something I don't want to lose, crashes everything, and then forces me to hard-reset.
So I've disabled it, and now everyone's busy telling me it's a bad idea.
Why? It's done nothing useful for me. It's sat there and been a pest. Since I'm told it's not removable, it can stay disabled. Someone suggested tweaking it, however I distrust this on the grounds that it just seems to be a varient of Permissive settings.

My main nag with it is that with it enabled, I cannot run anything through Wine - not even Winecfg, the configuration tool. And I do use Wine a lot, because some of the programs I used have not been ported to Linux in one form or another yet.

Yet I'm told that's a 'feature' of Wine/SELinux.

You're kidding me. Stopping people from using Wine is a feature?
I could understand if there were ports for all Windows programs. But this is just sheer wrongheaded stupidity.

Finally, it was suggested I change distribution.
Now, unless someone wants to tell me which Slackware ISO I need to download to get the Slackware equivalent of your standard Ubuntu LiveCD using Gnome, there is no alternative except Gentoo or Arch, neither of which are useful candidates because of the amount of work needed for them, and the amount of bandwidth I'd need - more than can be afforded.

So in response to those on various forums but mostly on the Fedora IRC channel - where they could be a little more polite to newbies, rather than being as abusive as they were to me - No, I'm not changing distribution. Slackware I might consider if someone explained, as above. But other than that? I'm on Fedora, and I'm here to stay, so live with it.

And while you're at it, it wouldn't hurt to actually listen to your users once in a while.
SELinux could be made OPTIONAL. But it's mandatory.
They could have used the right branch of GDM, one that had the gdmsetup graphic tool for configuring the GDM login screen, but no, they went and used a different branch, losing gdmsetup, and since forcing them to listen to the 'whining' (Read complaints) of their users demanding it back.
For gods sakes, if your users are doing that, don't just ignore them and call it whining, clearly you made a mistake, so fix it by putting things back again! Or at least wait until the branch you're using has gdmsetup again.
Or as one annoying person on the Fedora so-called-support IRC channel told me, program your own.
Now, that'd be a good idea. If I knew how to program in a language useful to Linux. I know VB. I have some very limited extremely basic C++ knowledge, useful for fixing conflicts in patches applied to OpenTTD, and little more.
But nope, I'm somehow expected to have a sudden burst of inspiration, know how to program in whatever language I need, know exactly what to write, compile it, and become some kind of saviour of the community, because they're too lazy to A: Fix their mistake by using the correct branch of GDM ro B: Write a tool for the users, so they don't have to put up with their whining complaints.

Fedora seems to have as many issues and people being jerks, as it does good points, at the moment.

On a side note, can anyone actually explain how LVM (Logical Volume Management) is meant to be useful?

That's all from me.
Rock on.

No comments:

Post a Comment