Does Fedora 16 need tweaking to enable security features?

Novatian · 01-31-2012, 04:28 AM

Does fedora 16 need tweaking to enable security features? So that after start up they are on?

If so, is it the same process as with 13?
http://docs.fedoraproject.org/en-US/...g_SELinux.html

T3RM1NVT0R · 01-31-2012, 01:15 PM

Hi Novatian,

As far as I am aware selinux is enabled and runs in targeted mode by default in Fedora 16. So, you do not need to do the tweaking. However, you can run the following command to make sure:

Code:

sestatus

Above command will let you know if selinux is enabled or disabled and if enabled then which mode it is running whether permissive or targeted.

If it says disabled then you have to edit /etc/selinux/config file as mentioned in that document and enable it. Reboot the system so that it can relabel the filesystem. Once done you can check the mappings by the command mentioned in the document that is: /usr/sbin/semanage login -l

I would like to mention that you enable selinux only when you are aware about how it works. selinux when running in targeted mode may cause issues with some applications. And if you are not good at selinux you might find it difficult to troubleshoot the issues.

Small tip if you plan to go with selinux: make sure you setup selinux booleans and contexts correctly when configuring any application.

John VV · 01-31-2012, 06:01 PM

yes and NO
the normal install is fine for 99.9999% of the population
for the 0.00001 % ( think of a 3 letter organization in Virginia )
or if the Govt. IS REALLY OUT TO GET YOU

you can tweak it a bit
BUT
"if the Govt. IS REALLY OUT TO GET YOU " then you would already know how to do that.