openSUSE Tumbleweed is hands down one of the best rolling release Linux distributions out there. Many people prefer it over other distributions due to its stability and consistent updates, providing a near bleeding-edge experience.
There is another edition from the same project called openSUSE Leap, which focuses on long-term support and is a great option for those who prefer a more stable and laid-back distro experience.
Anyhow, an important change has been made to Tumbleweed, which mostly affects fresh installations. Let’s take a closer look. 👇
What's Happening: Announced on the openSUSE Factory mailing lists, upcoming snapshots of openSUSE Tumbleweed will ship with SELinux (in enforcing mode) as the default mandatory access control (MAC) system on the installer, with an option to switch to AppArmor if someone prefers that.
The developers mention that they have tested the SELinux implementation both manually and automatically (via openQA) to ensure stability and reliability.
To clarify things, a MAC system is an essential security mechanism on Linux (and other platforms) that strictly regulates access to files, processes, and system resources by enforcing a set of predefined policies.
SELinux and AppArmor are the most widely deployed offerings for Linux, with SELinux being a more secure option thanks to its system-wide enforcement instead of being app-specific like AppArmor. It's highly granular, label-based controls manage access across the entire system, mitigating potential breaches.
What to Expect: The Tumbleweed developers have based this on Fedora's SELinux policy, but with some openSUSE-specific changes to integrate it seamlessly.
Existing Leap 15.x users don't need to worry, as this change doesn't affect their installs, and users of existing AppArmor-equipped Tumbleweed installs can migrate to SELinux if they'd like to, but it's completely optional.
Via: Phoronix
Suggested Read 📖
John Paul Wohlscheid
- Even the biggest players in the Linux world don't care about desktop Linux users. We do.
- We don't put informational content behind paywall. Your support keeps it open for everyone. Think of it like 'pay it forward'.
- Don't like ads? With the Plus membership, you get an ad-free reading experience.
- When millions of AI-generated content is being published daily, you read and learn from real human Linux users.
- It costs just $2 a month, less than the cost of your favorite burger.
Become a Plus Member today and join over 300 people in supporting our work.
