SELinux Attack!
Tim
ignored_mailbox at yahoo.com.au
Fri Oct 12 16:05:34 UTC 2007
Karl Larsen had a PANIC ATTACK about SELinux:
> This morning I started the computer and it stopped for 10 minutes
> because it could not find cups. It talked about applying iptables but
> had "never matched protocal" and when it finally came up Thunderbird was
> broken.
This sounds more like a general networking problem, particularly to do
with name resolution. Starting CUPs needs name resolution to work, so
does X, and many applications that'll use X, and particularly a mail
client.
The iptables message sounds like something I see at every boot related
to IPv6, which I don't expect to work because my router, and I think my
ISP, don't support it. I can trigger the same error message like this:
# service ip6tables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading ip6tables modules: [ OK ]
Applying ip6tables firewall rules: Warning: never matched protocol: 51. use extension match instead.
[ OK ]
I will, fairly confidently, say that this is unimportant for most
people.
For your issue I strongly suspect that you need to check whether your
machine name resolves. Look into your hosts file, your resolv.conf
file, and the addresses applied to your network interfaces.
> I turned off SELinux but it is still fucking up my F7. It took and
> hour before Thunderbird started working!
>
> I am still a long way out of the woods. If anyone has an idea on how
> to delete SELinux from your computer I want to know about it. Also how
> do I save my computer from the damage already done?
>
> I turned SELinux onto the Passive mode to try my hand at making a F8
> CD. One of my larger errors :-)
I think you're chasing a red herring. Anyway, you cannot remove
SELinux, there was a long thread about this not long ago. You can put
it into permissive mode, where it's *supposed* to not stop anything,
just log it. Or you can put it into disabled mode.
--
(This box runs FC7, my others run FC4, FC5 & FC6, in case that's
important to the thread.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list