Bug 234155

Summary: Redundant selinux functionality
Product: [Fedora] Fedora Reporter: Matthias Clasen <mclasen>
Component: system-config-securitylevelAssignee: Thomas Woerner <twoerner>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dwalsh, mattdm, sundaram
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-09-10 11:26:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 150225    

Description Matthias Clasen 2007-03-27 15:02:24 UTC 
We noticed that we have 3 selinux tools in the system > administration menu
now:

Firewall and SELinux
SELinux Management
SELinux Troubleshooter

The SELinux functionality in system-config-securitylevel is very limited
and totally redundant with what SELinux Management offers, so we think it 
Would be to remove the SELinux aspects from s-c-s and make it just a firewall
configuration tool. The menu entry would then just be "Firewall"
Comment 1 Matthew Miller 2007-04-10 16:28:41 UTC 
Fedora 7 test bugs should be filed against "devel", not against test1/2/3. This
isn't obvious, I know. Moving this report so it isn't lost.

This is a bulk message -- I apologize if this was actually meant to be targeted
against a different release. If so, please fix or let me know. Thanks.
Comment 2 Rahul Sundaram 2007-04-28 02:04:03 UTC 
system-config-selinux is not available as a bugzilla component so I am adding a
comment here as the original report is also closely UI related. Hope that's ok. 

Running system-config-selinux shows the title as "system-config-selinux.py"
instead of something that matches the menu entry like "SELinux Administration"
or atleast "system-config-selinux".
Comment 3 Daniel Walsh 2007-04-30 13:02:49 UTC 
Fixed title in policycoreutils-2.0.14-2

The only SELinux functionality left in securitylevel is for turning on or off
SELinux.
Comment 4 Thomas Woerner 2007-07-30 15:54:03 UTC 
There will be a new configuration tool for the firewall soon:
system-config-firewall.

Please have a look at: http://people.redhat.com/twoerner/system-config/
Comment 5 Daniel Walsh 2007-07-31 14:01:24 UTC 
The only reason there is any SELinux in the old tool at all at this time was for
firstboot.  So as long as firstboot has a way to disable,permissive,enforcing
SELinux then this is ok.
Comment 6 Chris Lumens 2007-07-31 14:33:45 UTC 
I'm looking at removing this panel from firstboot.  Ideally, we'd like people to
have SELinux enabled and enforcing by default.  Right now, the screen in SELinux
doesn't make sense to a lot of people and advertises a way for people to easily
just turn off a main part of the security features of their system.
Comment 7 Thomas Woerner 2007-09-10 11:26:51 UTC 
Fixed in system-config-firewall, which replaces system-config-securitylevel.