[DSE-Dev] Bug#747106: I disagree with closing

Victor Porton porton at narod.ru
Mon May 5 17:44:44 UTC 2014


"No, files in /etc/selinux are configuration files, which must not be
deleted at "apt-get remove". You have to use "apt-get purge" for that.
See the debian policy or the manpages for apt."

Unchanged configuration files should be removed. I have not changed any of these files so they should be removed. Non-removal is a bug.

"Well, I guess you still booted with kernel command line
security=selinux and selinux=1, probably in enforcing mode. Which
doesn't work because then you need a working selinux policy installed."

Is it a kernel bug?

I think it should use an empty policy if there are no policy installed.

The system should not cease to work only because there are no currently installed policy.
It is a bug (of Debian or of kernel, I don't know).

I don't propose to disable selinux when uninstalling selinux-policy-default but to work with an empty policy.

--
Victor Porton - http://portonvictor.org



More information about the SELinux-devel mailing list