This is not a troll post. I’m genuinely confused as to why SELinux gets so much of hate. I have to say, I feel that it’s a fairly robust system. The times when I had issues with it, I created a custom policy in the relevant directory and things were fixed. Maybe a couple of modules here and there at the most. It took me about 15 minutes max to figure out what permissions were being blocked and copy the commands from. Red Hat’s guide.
So yeah, why do we hate SELinux?
I’d love to develop a muscle memory for working with it, but nowhere I’ve worked uses it at all. But from memory it really wasn’t that complicated, and the errors it spat out into system logs basically told you exactly what command to run to get past that particular violation.
I don’t hate it at all. Just, never seen it used anywhere.
All the linux stacks I was involved with over the years always had SELinux disabled as part of the base config. I can’t think of a single server it was enabled on.
I run SELinux on tons of servers at work. We taught our Oracle consultants how to use it. Some software vendors get mad at us because we require it and we always figure out how to make it work and it isn’t all that bad to work with once you’re used to it