[clue] Who's using SELinux?

[adam bultman]

On 05/20/2012 06:01 PM, David L. Anselmi wrote:
> Chris Hirsch wrote:
>>> I read recently that Fedora and RHEL (and CentOS?) enable SELinux by default.  Does everyone leave
>>> it that way or turn it off?
>>>
>> I use it on all my production servers with no problems (and a couple of
>> saves from breakins).
> Do you ever have to customize it or write your own policies, or do the defaults work.  It seems like
> there are a bunch of policies that can be turned on/off as needed so you don't actually have to
> write a new policy.  Do you change those at all?
I enable it on as many servers as possible at work.  I have very 
infrequently needed to add any of my own policies, personally.  Mostly 
the default policy, with some changes to the booleans, and I'm good.

I find SELinux to be a lot of fun, actually. Very interesting, and neat 
to see how you can tweak how things work.