Too Much SECURITY!

oldbrad · #1 22nd July 2012, 03:55 AM

Well I've been using RedHat since version 7.0 something, I actually paid for my first copy. I've been running a web server with Fedora 6 installed since that version was new. The only admin I need to do is restart the vncserver after a power out, and clean the logs occasionally.

For the last week I've been trying to install 17 on a Dell laptop. immediately after installation EVERYTHING seems OK. BUT, I power down and unplug the ether net cable.

I am running a laptop with wifi.

At the next boot BLACK SCREEN OF DEATH sometime after X starts. Now the only way to recover is to select rescue mode, and now comes the TROUBLE.. ^D the default system starts OK now. But on the next boot all sorts Alerts with cryptic messages from various daemons which can't find mystery files, Gui NetworkManager configuration tools missing, and on... Can't restart from the desktop because it's against policy, /val/log/messages if full of warnings about daemons restating for mysterious reasons. The final straw, I disabled SELinux as per this document:
http://docs.fedoraproject.org/en-US/...g_SELinux.html

Now I get a boot message telling me that SELinux: Could not open policy file .... No such file or directory. What? The system trashed a file it needs to boot,

HA! Frozen solid not even the 'skinny elephant trick works.

Sorry about the rant, but you chaps who do this stuff should realise that software bloat is what kills operating systems eventually. Perhaps there is a need for massive security in aggressively competitive commercial environments. But, on the other hand, if your targeting the desktop user, which presumably you are (sound video, fancy easy click features etc) The wife just wants to surf and play games. A 3 hour install process repeated 10 times followed by the dreaded black screen is just not acceptable.

Oh, did I say is was trying to install MATE because grr.. Gnome 3 refuses to run on older hardware and anyway it's horse manure on a smaller screen.

Please do something about disabling SELinux from square one, during the install process would be good. And I'm not sure about abandoning the traditional system configuration process either. Perhaps that's just old age.

I guess I got a bug, but for all my experience I'm bugg(er)ed to identify it, therefore oldbrad

abandons 17

Admin: If this is posted in the wrong place, then you need a 'rant' board. Feel free to move it, or delete it if the community doesn't like the criticism.

***Dan*** · #2 22nd July 2012, 03:57 AM

Oddly enough, we do have a section specifically set up for rants. This is fedora, after all! <..

..> And so moved.

That being said, you're in the wrong venue if you're preaching to the developers. This is a user-helping-user forum, and not a part of the development chain. We just try to help each other fix what they sling out the door. <..

..>

smr54 · #3 22nd July 2012, 04:30 AM

On occasion, one or two developers might stop by and see these things, but as Dan says, it's not a place where they will be expected to do so (see a complaint or even specific bug and respond)

Also, the vast majority tend to ignore criticism. (Shucks, don't we all?). However, reasonably stated feature requests or bugs--and what you have here does sound a bit like a bug, are usually answered, and relatively quickly, even if the answer is, Well, we're doing it this way because.... and an explanation.

Not that I'm saying you're wrong to rant, we all vent once in awhile, and it really can make one feel better. Just saying that if you do have serious, specific feature requests or repeatable bugs, it can be worth filing on bugzilla. General aggravation, which, if you hang around these forums at all, you will certainly come across, simply isn't easy to fix.

oldbrad · #4 22nd July 2012, 10:14 AM

Quote:

Originally Posted by Dan

Oddly enough, we do have a section specifically set up for rants. This is fedora, after all! <..

..> And so moved.

Thanks.

Quote:

That being said, you're in the wrong venue if you're preaching to the developers. This is a user-helping-user forum, and not a part of the development chain. We just try to help each other fix what they sling out the door. <..

..>

Yes I understand, which is why I don't often post. Addressing the development chain is even more difficult doing an install.

I'm so hung being unable to get a repeatable set of circumstances to even ask for help constructively, I just had to vent my spleen. It was 3 o'clock morning for the 5th night in a week. Sadly that's how software is made to work now.

When every body wants to speak, but nobody is listening ......

#5 22nd July 2012, 10:34 AM

Quote:

Originally Posted by oldbrad

Thanks.

Yes I understand, which is why I don't often post. Addressing the development chain is even more difficult doing an install.

I'm so hung being unable to get a repeatable set of circumstances to even ask for help constructively, I just had to vent my spleen. It was 3 o'clock morning for the 5th night in a week. Sadly that's how software is made to work now.

When every body wants to speak, but nobody is listening ......

Learn to communicate properly then instead of wasting time here ranting.

http://fedoraproject.org/wiki/Communicate

smr54 · #6 22nd July 2012, 12:18 PM

The forums being one of the links provided there.

***Dan*** · #7 22nd July 2012, 01:26 PM

Quote:

Originally Posted by smr54

The forums being one of the links provided there.

Gotta love it. <..

..>

stoat · #8 22nd July 2012, 01:39 PM

Sort of like a circular dependency.

#9 22nd July 2012, 02:19 PM

Quote:

Originally Posted by smr54

The forums being one of the links provided there.

The forum links are provide for user help/issues. (I note fedoraforums is number 2

)

For the serious stuff you need to use bugzilla, IRC or the devel-list

Quote:

Providing Feedback to Developers

If you believe you have found a bug or would like to suggest enhancements, use the Bugzilla bug tracking system.

More information is available on the Bugs and feature requests page.

The Ask Fedora forum or users mailing list is the place for most questions.

Development discussions happen in the Fedora development mailing list, devel, and we encourage community users and developers interested in Fedora to participate there. You can post in this list for development-related discussions that are not straight-forward bug reports or feature requests. This is not a suitable place to ask general questions. If you are using a test release or the development version of Fedora, post feedback to the test mailing list and bug reports to Bugzilla. Developers do not usually follow discussions in end-user sources since they are high-traffic and not as efficient as a tracker like Bugzilla. For other mailing list options, see Mailing Lists below.

http://fedoraproject.org/wiki/Commun..._to_Developers

deanej · #10 23rd July 2012, 08:44 PM

One thing I've been wondering... why does linux development still use mailing lists? Aren't those obsolete in the era of internet forums?

***DBelton*** · #11 23rd July 2012, 10:40 PM

Actually, mailing lists are more efficient for someone that doesn't have a lot of time to devote to going through all the crap in the forums.

They get what they need, and can set up filters to just give them just the emails from the list that they are interested in getting.

deanej · #12 23rd July 2012, 11:23 PM

Wouldn't that be the opposite though? With a mailing list, you get a flood of emails in your inbox every day (and I'm of the camp that reads every email, even the spam that doesn't get sent to junk email, and never deletes anything in gmail), while with a forum, you're free to completely ignore any thread you're not interested in. And having everything viewable as a thread is VERY helpful. I cringe whenever I can only view something a post at a time and have to hunt for the next post.

Maybe it's because mailing lists and usenet had already fallen out of favor by the time I discovered the internet. I'm young enough that it's been forums and social networking for as long as I can remember.

EDIT: Not that mailing lists are useless, but I think they're more useful for sending announcements to a group of people than having conversations.

***DBelton*** · #13 23rd July 2012, 11:48 PM

You can sort email by thread, and get them all in a nice easy to read order. Just one click and you are reading the next email in the thread.

Plus, as I mentioned, you can filter email so that you only receive emails you want to.

And usenet hasn't fallen out of favor. It is still going strong. A lot of the ISP's don't want you to know that, though, since they don't want to carry them, especially the binary newsgroups.

Heck, there are even some gopher servers still running out there

The web and social networking are just a small part of the internet.

Edit:

I forgot to even mention Veronica (gopher search engine) and Archie and Jughead.

acidzebra · #14 26th July 2012, 03:29 PM

Coming back to Brad's original rant, I do feel his pain somewhat. I've tried working with SElinux and iptables but since I'm living by myself and on a private LAN I've just gotten lazy, tired of vague error messages and nonworking stuff and into the habit of disabling both first thing after initial install. I wouldn't recommend this on a public or multiuser network but for a private desktop, feh.