#36 SELinux as 'tech preview'?
Opened a year ago by predivan. Modified a year ago

Would it make sense to make SELinux
(packages developed at https://build.opensuse.org/project/show/security:SELinux)
available to a, potentially larger, Leap user-base as 'technology preview/use at your own risk' thing?

FWIW, I did some (very limited) testing with 15.3, both on JeOS and desktop(XFCE) VM's, and I haven't seen, AFAICT,
any major issues with targeted policy.

I know that's a pretty radical departure from SLE, and Leap is supposed to be 'boring' :), but it might be an opportunity to fix issues/bugs and refine the policy with some more 'real world use', perhaps?

All that if, of course, developers/maintainers of security:SELinux are up for it :)


It would certainly be nice to have SELinux available in Leap (I use it on Tumbleweed myself). I believe SUSE is already shipping SELinux for SLE on some variants (like SLE Micro).

We already have that option in installer. This is the current issue https://bugzilla.suse.com/show_bug.cgi?id=1187326

Metadata Update from @lkocman:
- Issue assigned to lkocman

a year ago

There's no SELinux policy to make it work, and installer will happily let you set up SELinux with no policy, which leads to a broken system.

Yup, so if this request is about providing policies, then I think we can get that covered. I think there will be some progress internally on SLE as well.

Yup, so if this request is about providing policies, then I think we can get that covered. I think there will be some progress internally on SLE as well.

How would that work?
ATM, SELinux in 15.3 is 3.0.
Provide 'just' the policies for it, or update the whole stack to (currently)3.2?
Either works for me, just curious :)

It would most likely be just providing the policies.

Login to comment on this ticket.

Metadata