selinux not enabled
Richard E Miles
r.godzilla at comcast.net
Sun Apr 10 21:35:02 UTC 2005
On Sun, 10 Apr 2005 15:10:40 +0200
Julien Le Houérou <julien_lh at yahoo.fr> wrote:
> Sjoerd Mullender wrote:
>
> >I'm trying to enable SELinux on my FC3 system and I followed the manual
> >instructions in the FAQ* (I don't want to use
> >system-config-securitylevel since it overwrites my iptables setup):
> >/etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted;
> >I have touched /.autorelabel;
> >I have rebooted (several times, not all of them related to this issue);
> >and when the system was rebooting, there was no noticeable delay while
> >the files were being relabeled and /.autorelabel still exists. Also:
> ># sestatus -v
> >SELinux status: disabled
> >
> >In /var/log/messages and in the dmesg output, I don't see anything about
> >SELinux being disabled. I do see the following lines (the selinux=1 was
> >my latest attempt--it didn't change anything):
> >
> ># dmesg | grep -i selinux
> >Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1
> >SELinux: Initializing.
> >SELinux: Starting in permissive mode
> >selinux_register_security: Registering secondary module capability
> >SELinux: Registering netfilter hooks
> >
> >What am I doing wrong?
> >
> >*) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232
> >
> >
> >
> What if there is no /etc/selinux/ nor /etc/sysconfig/selinux ?? i don't
> have any of them my system!!
>
Have you installed selinux-policy-targeted and selinux-policy-strict?
They provide /etc/selinux files.
/etc/sysconfig/selinux is a symlink to /etc/selinux/config.
--
Richard E Miles
Federal Way WA. USA
registered linux user 46097
More information about the fedora-list
mailing list