Posted by: Xjlittle
centos, linux security, red hat, selinux, ubuntu
The other day, after installing Ubuntu on one of my test machines, I noticed that there was an ls -Z command which shows various SELinux information about files and directories.
Running this command, however, gave some strange output, primarily ? marks. I thought this was a little strange but had other things that I needed to do at the time and decided that I would look into it later.
This weekend was that time. Let me say that I use SELinux on my Red Hat and CentOS machines and think that it is a very good way to help secure a machine. However, it is anything but intuitive. If it weren’t for some very good documentation at Red Hat I probably never would have been successful at using this security tool. Mind you, I’m no guru with it, but I have six servers using it and I know how to troubleshoot SELinux problems.
Which brings me to the part about Ubuntu and SELinux that I find disturbing. Doing some Google searching, I ran across two pages regarding Ubuntu and SELinux. Both of them had no usable information in them other than how to install SELinux. Nothing about what to expect, how to troubleshoot, or what a context or a boolean is, nor did they mention if Ubuntu provided any troubleshooting tools like setroubleshoot. You can find these two pages here and here.
The documentation only warned that SELinux is for experienced users. While that is an understatement, how do they expect people to start using it to protect their machines? It would seem to indicate that they have no real interest in their users having the ability to use SELinux. I personally think that is a shame. I also believe that it is going to hurt their efforts at becoming enterprise ready, especially with their server product. I certainly won’t be installing Ubuntu on any of my critical machines.