[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux Attack!

Daniel J Walsh wrote:
Hash: SHA1

Chris wrote:
On Sun, 14 Oct 2007 11:24:59 -0600
Karl Larsen <k5di zianet com> wrote:

I have learned a lot about SELinux in the past week. It turns out the simple fix is to just turn it off. But it is possible I have
learned to live with SELinux turned full on and what to do if there
is trouble.

    This all started when I had to turn on SELinux to use a device,
so I did and there was no problem. So I left it turned on. Then one
morning I turned on my computer and instead of booting clear up in
just one minute, it stopped when init tried to turn on "cups". It
stayed there for 10 minutes! My thoughts were, how did I screw up the
file system so bad? So turned off the boot and booted up in the
rescue mode from a CD, and did #fsck /dev/sdb5 and it said there is
nothing wrong.
I too had SELinux issues. Mine were of my own doing though. I soon
found out the easies way to get my box to boot was as Karl mentioned,
boot from the CD and rescue it.
I mounted the drive (as suggested) but simply edited
the /etc/selinux/config file with a simple


Bingo - that solved that, rebooted and all was good. What I did next
was simply tar up the /selinux directory from my lappy and then applied
the tarball to my desktop.

Went back into SELinux and had it enabled and set it to relabel on next

All seems fine after a week. Not sure how I mucked mine up, but I did
and this is what I did to correct my fat-fingering.

A much easier way would have been

boot the kernel and add to boot line

enforcing=0 autorelabel

This should put the machine in permissive mode and force a relabel.
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


What I did do was using the gui things on F7 I turned on SELinux to maximum protection and rebooted. After 30 minutes of labeling files it came up no problems.
This morning it came up just fine with SELinux working.


	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]