Description of problem: SELinux if set to strict turns off X window system and thus post-installation GUI.


Version-Release number of selected component (if applicable): Unknown.


How reproducible:


Steps to Reproduce:
1. Install.
2. During installation or after, set SELinux to strict.
3. If done during install, complete installation and prepare to customize or use computer.
  
Actual results: Post-install failure of X window system. (I did not keep the messages displayed and records of repeated attempts to repair.)


Expected results: Smooth operation of FC including SELinux, allowing for the normal relabeling required by SELinux but with all functions, including X windowing and GUIs, operating normally.


Additional info: Users should be cautioned before setting SELinux to strict.

This is based on Fedora Core 4 and I'm not suggesting a change to that, and if SELinux has relevantly changed since then this may be moot, but if this also applies to current FC versions, a caution should be added to the installation screen. This is more a suggestion to enhance the installer routines to inform users rather than a fix to SELinux itself, since various posts suggest that SELinux is good for many users but problematic for many others. Thus, a caution in the installer is suggested.

When strict SELinux turned off the X windows system and thus the GUI, I spent hours trying to fix it and failed, forcing a clean full reinstallation just days after a clean full reinstallation solely because I had set SELinux to strict and rebooted (rebooting implements the ability to be strict by relabeling software for SELinux requirements). Since that's my Internet computer, I couldn't go online to research alternatives.

My hardware (Dell Latitude C840) generally works well. It's possible the hardware caused SELinux to choke X, but if that's because SELinux is demanding about hardware and not because the hardware is defective then the caution is even more necessary. Likewise, waiting to go online for alternative advice is too late.

<http://forums.fedoraforum.org/showthread.php?t=98219>, as accessed today (15th), suggests that some users have a more positive experience with strict. It seems to be heavily debated.

If feasible, provide a box during the install process to explain in advance what to do if the machine stymies the user, for example, a quick way to redo the install from the beginning instead of trying to fix X and to try targeted or less for SELinux.

(I entered the platform for this report as i686. I hope that's correct; it's a Pentium 4 laptop.)

Thanks.

-- 
Nick