1

Can someone explain to me why SELinux is officially broken under Ubuntu while AppArmor works fine? AppArmor is built on the "Linux Security Modules" framework and so is SELinux. As a result, shouldn't both run smoothly under Ubuntu?

I probably have a wrong understanding of the "Linux Security Modules" framework.

Thanks!

Questa

1 Answer

1

This is not about the kernel, but about the userspace. SELinux runs OK in the Ubuntu kernel (I guess), but there is a lot to be done for SELinux to work on the userspace side. Files need to have sensible default labels, contexts need to be defined for processes and so on. And if this is not updated periodically, then SELinux is effectively broken (it would block legitimate operations or allow dangerous ones), therefore the disclaimer.

Jakub Lucký
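An added example, not part of the original answer: a small shell check that keeps the two layers the answer distinguishes apart, the kernel side (is the `selinux` LSM active?) and the userspace side (do files carry usable labels?). The function names are hypothetical and the sample inputs are constructed; on a real system the inputs would come from `/sys/kernel/security/lsm` and `ls -Z`.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; sample inputs are constructed.
# Real inputs: `cat /sys/kernel/security/lsm` and `ls -Z <paths>`.

# Succeeds if LSM name $2 appears in the comma-separated list $1.
kernel_has_lsm() {
  case ",$1," in
    *",$2,"*) return 0 ;;
    *) return 1 ;;
  esac
}

# Reads `ls -Z`-style lines ("<context> <path>") on stdin and prints how many
# entries have no context ("?"), a malformed context, or the type unlabeled_t.
count_badly_labelled() {
  awk 'NF == 0 { next }
       $1 == "?" { bad++; next }
       { n = split($1, f, ":"); if (n < 3 || f[3] == "unlabeled_t") bad++ }
       END { print bad + 0 }'
}

# Prints a one-line verdict for LSM list $1 and `ls -Z` output $2.
assess() {
  if ! kernel_has_lsm "$1" selinux; then
    echo "kernel: selinux LSM not active"
    return 0
  fi
  bad=$(printf '%s\n' "$2" | count_badly_labelled)
  if [ "$bad" -gt 0 ]; then
    echo "kernel: selinux active; userspace: $bad file(s) without a usable label"
  else
    echo "kernel: selinux active; userspace: all listed files labelled"
  fi
}

# Constructed sample data (not taken from a real system).
SAMPLE_LSM="lockdown,capability,yama,selinux"
SAMPLE_LS_Z='system_u:object_r:passwd_file_t:s0 /etc/passwd
system_u:object_r:unlabeled_t:s0 /opt/app/run.sh
? /srv/data/report.txt'

assess "$SAMPLE_LSM" "$SAMPLE_LS_Z"
```

A kernel that passes the first check can still fail the second, which is the situation the answer describes: the LSM hook layer works, but the labels and policy shipped in userspace do not.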