Linked by Thom Holwerda on Wed 21st Nov 2007 13:58 UTC, submitted by Rahul
Fedora Core "We all appreciate that when we turn on our Linux systems they're pretty secure. Thanks to continuing improvements to SELinux, it is increasingly easy for users to take advantage of this powerful security tool. Read on to find an interview with Daniel Walsh, the principal developer of SELinux in Fedora from Red Hat, where he tells us more about what SELinux does and how it's improved in Fedora 8. At the end of the article are some screenshots which show-off the new policy creation GUI."
Permalink for comment 286055
To read all comments associated with this story, please click here.
Fedora 8
by Arkansas_Rebel on Fri 23rd Nov 2007 01:38 UTC
Member since:

The easiest way to load is to copy the boot disk image to your drive then partition it out with /boot, /, swap, /home, /usr and /var you can make /home on a logical partition leaving space on the end of your drive by creating a logical volume.

LVM management allows you to resize your drive adding space, easily by the command line with (pvcreate, vgcreate, lvcreate and mkfs.ext3) then create a directory and place it in /etc/fstab. Not to mention ACL, usrquota, suid and numerous other options you can perform on your storage or maybe create a extra logical volume for stuff you want to keep.

It is always best when preforming installation to have separate partitions or volumes for different parts of the file system. This helps if you have a problem or you can boot to run level 1 or emergency being able to mount or umount partitions that may have trouble. Plus, this allows you to really lock your system down further with SELinux, with setfacl's....

Also, they have iced_tea java included now so downloading Sun's Java is now optional. The options in any Linux distro are just about limitless for any customization you want to do. I have found many excellent books that proved to be quite helpful from Barnes & Noble, Books a Million, and several online ones. It is more convenient for me to drive to a city to purchase the books then to order from the internet if they got it in stock.

I am going to purchase a book on SELinux because I will have to become very inept inside and out since I will be deploying several new Red Hat 5.1 Server installs in the new IBM Blade Centers. I will leave the firewall enabled along with SELinux however I will have to do quite a bit of research on what booleans and context I need to leave defined to not break applications for the end users.

Reply Score: 1