This is not a troll post. I’m genuinely confused as to why SELinux gets so much of hate. I have to say, I feel that it’s a fairly robust system. The times when I had issues with it, I created a custom policy in the relevant directory and things were fixed. Maybe a couple of modules here and there at the most. It took me about 15 minutes max to figure out what permissions were being blocked and copy the commands from. Red Hat’s guide.

So yeah, why do we hate SELinux?

  • redxef@feddit.orgEnglish
    81·
    3 days ago

    Docker container can’t read a bind mount. Permission issue? No, it’s SELinux, again. And I didn’t even install it explicitly, it just got pulled in by another package.

    And to be clear, the issue isn’t SELinux really, but unexpected non standard behaviour which I never asked for (never explicitly installed it).

    • Luke@lemmy.mlEnglish
      8·
      3 days ago

      Isn’t that trivially simple to address though? Just add :z to the end of the mount value string, and restart the container.

    • marauding_gibberish142@lemmy.dbzer0.comOPEnglish
      1·
      3 days ago

      SELinux is installed by default on RHEL derivatives like AppArmour is on Debian derivatives. Sure maybe it’s annoying to see a package you didn’t download explicitly but I still don’t see why it’s a big deal. I guess having to delve into SELinux in the middle of configuring another app will cause some pain