sellinux line command
Fred J.
phddas at yahoo.com
Mon Oct 2 17:43:16 UTC 2006
Paul Howarth <paul at city-fan.org> wrote: On Mon, 2006-10-02 at 00:13 -0700, Fred J. wrote:
> Hi
> while following the stops to install JRE as per
> http://stanton-finley.net/fedora_core_5_installation_notes.html
>
>
> the instruction which says:
> If you have not already done so go to "System" > "Administration" >
> "Security Level and Firewall". Enter your root password and click
> "ok". On the "SELinux" tab click on "Modify SELinux Policy", click on
> "Compatibility" to open it and tick the check box next to "Allow the
> use of shared libraries with Text Relocation". Click "ok". Reboot your
> machine to implement the new SELinux policy.
...
This action sets the allow_execmod SELinux boolean. You could do that
from the command line without using system-config-securitylevel as
follows:
# setsebool -P allow_execmod 1
There is no need to reboot after doing this.
However, this is not the best way of solving the problem, as it relaxes
security much more than necessary. A better way would be to set the
SElinux context type of the java libraries to textrel_shlib_t, which
would have the same effect but only for those particular libraries.
Paul.
set the SElinux context type ...
I don't understand, who is it done, could some one provide a link to the docs please.
---------------------------------
How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20061002/c26b768a/attachment.htm>
More information about the fedora-selinux-list
mailing list