OpenSUSE Tumbleweed Switching From AppArmor To SELinux For New Installations

Written by Michael Larabel in SUSE on 12 February 2025 at 08:47 PM EST. 36 Comments

SUSE/openSUSE has a long history with the AppArmor Linux security module going back to the Novell days and when AppArmor was originally known as SubDomain. OpenSUSE/SUSE and Ubuntu Linux have been big proponents of AppArmor for Linux security but now moving forward on new installations of openSUSE Tumbleweed it will be defaulting to Security Enhanced Linux (SELinux).

It was announced today on the openSUSE Factory list that new openSUSE Tumbleweed rolling-release installations will begin defaulting to SELinux rather than AppArmor. Existing openSUSE Tumbleweed installations will not be affected unless manually changing over to SELinux. The announcement notes:

"We would like to announce that with the next openSUSE Tumbleweed snapshot 20250211 the default mandatory access control (MAC) system selected by the installer will be switched from AppArmor to SELinux in enforcing mode. Additionally, the openSUSE Tumbleweed minimalVM will be shipped with SELinux in enforcing mode.

Users installing openSUSE Tumbleweed via the ISO image will see SELinux in enforcing mode as default option in the installer. If the user prefers to use AppArmor instead of SELinux, they are able to change the selection to AppArmor manually in the installer. AppArmor continues to be excellently maintained by Christian Boltz (@cboltz) exactly as before.

Existing installations using AppArmor will *not* be migrated. In case the user wishes to migrate manually to SELinux, a guide is provided on the openSUSE wiki."

OpenSUSE Leap 15.x will also keep to using AppArmor by default. The matter of switching from AppArmor to SELinux has been an openSUSE discussion point for the better part of the past year.

36 Comments

SUSE/openSUSE Agama Installer Now Warns For No-Desktop Installs, Supports systemd-boot

SUSE's Agama Installer Sees Architectural Revamp

Myrlyn 1.0 Released For Package Manager GUI Spawned By SUSE's Hack Week

openSUSE Begins Rolling Out Intel NPU Support

SUSE's Agama 18 OS Installer Released - i586 Support Dropped

SUSE Developer Working To Reimplement SSH Using The Zig Programming Language

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Affected Packages

ReactOS "Open-Source Windows" Reaches The Milestone Of Being Able To Run Half-Life

Arch Linux's AUR Sees More Than 400 Packages Compromised With Malware

Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack

Russian Spam & Profanities Are Now Plaguing The Arch Linux AUR

YSERVER: Modern X11 Server Written In Rust With The Help Of Claude Code

AMD Opens Pre-Orders For The Linux-Friendly Ryzen AI Halo Developer Platform

Linux 7.1 Released: New NTFS Driver, Intel FRED For Panther Lake, Faster Arc Graphics

Support Phoronix
While Having Ad-Free Browsing,
Single-Page Article Viewing

Legal Disclaimer, Privacy Policy, Cookies | | Contact

URL: https://www.phoronix.com/news/OpenSUSE-Tumble-Goes-SELinux

⇱ OpenSUSE Tumbleweed Switching From AppArmor To SELinux For New Installations - Phoronix

OpenSUSE Tumbleweed Switching From AppArmor To SELinux For New Installations