[vote] release OpenWrt 21.02 with additional SELinux SDKs and IBs

Dominick Grift dominick.grift at defensec.nl
Thu Mar 18 10:20:17 GMT 2021 

Re-sent (forgot to cc list)

> On 3/18/21 10:39 AM, Petr Štetiar wrote:
>> Dominick Grift <dominick.grift at defensec.nl> [2021-03-18 09:13:46]:
>>
>> Hi Dominick,
>>
>>> Petr Štetiar <ynezz at true.cz> writes:
>>>>
>>>> Option D: Start as always in master/snapshots and if the feature is usable
>>>> and in a shape for a release, then include it in release.
>>>
>>> I like this idea, but it is quite ambitious because then it becomes part
>>> of base-os and that means that it is going to affect a majority. 
>>
>> BTW I didn't explicitly stated that, but I was still referring to SELinux
>> enabled SDKs and IBs. So it wasn't about providing SELinux enabled images by
>> default.

I guess I misinterpreted it.

There are already SELinux enabled IB's in master.

>>
>>> and we can expect the snapshot users to pro-actively disable it if they want
>>> to opt-out.
>>
>> Nope, it needs to be opt-in.

Fine

I admire Daniel for his ambitions and vision for OpenWrt, and it was not
my idea to propose this idea but the result is already telling
nonetheless. I have been clear about my own position from the start:
SELinux sell's itself or bust. I take this as bust because as I
mentioned I think we are at a crossroads when it comes to this feature
since without any feedback I will not be able to further improve it in a
significant way. For me it was alway's about scratching my own itch.
However it is pretty clear that this feature has little support in the
wider community. I will scale my involvement back and instead focus on
other more productive things.

It is not all bad though, at least two vendors forked the policy
configuration and demonstrated interest in leveraging it for some of
their own products. The framework in place in OpenWrt and that (to me at
least) is what matters most.

>>
>> Cheers,
>>
>> Petr
>>
>> _______________________________________________
>> openwrt-adm mailing list
>> openwrt-adm at lists.openwrt.org
>> https://lists.openwrt.org/mailman/listinfo/openwrt-adm
>>

More information about the openwrt-adm mailing list