FC2 SELinux Installation issue (Newbie)

Don Patterson don.patterson at tresys.com
Fri Jun 25 21:05:28 UTC 2004 

Because SELinux is disabled by default in FC2, you need to change the
SELinux mode to either permissive mode or enforcing mode. It sounds like you
may have this set to "SELINUX=Disabled" in the configuration file, which
turns enforcing off and skips loading a policy at boot. See
http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/index.html#id29341
53 for more information.

Don Patterson
Tresys Technology
www.tresys.com

-----Original Message-----
From: fedora-selinux-list-bounces at redhat.com
[mailto:fedora-selinux-list-bounces at redhat.com] On Behalf Of Olga Gelbart
Sent: Friday, June 25, 2004 3:26 PM
To: Fedora SELinux support list for users & developers.
Subject: FC2 SELinux Installation issue (Newbie)

Hello everyone,
    Sorry for a newbie question. I have never worked with SELinux before.
    I am a doctoral student in computer science, and as part of my 
research project I have to install SELinux. I have a FC2 (2.6.6 kernel) 
machine. I downloaded, compiled and installed an SELinux-patched 2.6.6 
kernel from NSA, then I installed the user utilities (policycoreutils, 
libselinux, etc -- downloaded from NSA's website as well). Since I have 
FC2, I am assuming that I don't need to install patched utitilies, since 
they are now included into FC2.  I only have  root user at this point, 
so I didn't edit the default policy file that came with the 
installation. I just did a 'make relabel' and booted into the SELinux 
kernel. If I just log in and run, for e.g., "ls -Z" I get the error that 
the kernel has to support SELinux. If I then cd into 
/etc/security/selinux/src/policy and do a "make load", then 'ls -Z' or 
'id' work properly and show me the context. Now if I reboot, it the 
system forgets what I just did, and I have to do a 'make load' again.
Something is not starting up at boot, I would guess. I tried 'selinux=1' 
at boot, but that doesn't change anything.

I would really appreciate it it anyone has any suggestions.

thanks a lot,
Olga Gelbart
Department of Computer Science
The George Washington University

--
fedora-selinux-list mailing list
fedora-selinux-list at redhat.com
http://www.redhat.com/mailman/listinfo/fedora-selinux-list

More information about the fedora-selinux-list mailing list