FC6 SELinux issues

Gene Czarcinski gene at czarc.net
Wed Oct 4 23:11:22 UTC 2006


On Wednesday 04 October 2006 18:27, Gene Czarcinski wrote:
> On Wednesday 04 October 2006 17:09, Gene Czarcinski wrote:
> > Before I spend time putting in bugzilla reports since it going to take
> > time to gather the documentation, I am hoping some of this is known.
> >  This testing was done with clean installs on hardware and using vmware.
> >
> > 1.  install selinux-policy-mls and switch to it using the
> > system-config-security tool ... then reboot and do the relabeling
> > (enforcing=0).  Then reboot again (enforcing=1) ... oops, an almost
> > immediate kernel panic!
> >
> > 2.  OK, get the system back up in targeted mode.  I then thought I would
> > try strict ... install selinx-policy-strict ... then reboot and do the
> > relabeling (enforcing=0).  Ten reboot again (enforcing=1) ... better ...
> > no kernel panic ... but not much better since some services fail starting
> > and, when I logon as root, I cannot do anything.
>
> Grumble, grumble.  Naturally, what did not work at work now works (sort of)
> when I try to reproduce it at home.  I do believe that there are some
> problems but I need to "better" reproduce them.
>
> I would still like to know if someone has installed something like fc6test3
> and then installed and switched to the mls policy ... did it work? ... did
> it not work?

Well, at least one of the problems (kernel panic) appears to be hardware 
related ... does not work on old dual P4 (Dell 350 workstation) but does work 
on AMD X2 4400+ processor system.  There are still some services that are not 
working but that will take a lot more work to track down.

Gene




More information about the fedora-selinux-list mailing list