who provides /etc/sysconfig/selinux?
Bill Nottingham
notting at redhat.com
Thu Apr 8 04:40:45 UTC 2004
Richard Hally (rhally at mindspring.com) said:
> The purpose of the file is to set one of the three values when the
> system boots but not change it on the fly while the system is up?
Mainly to set the value when the system boots, although it will
change the enforcing level if you change it while it's operational.
> OK, so the next question is where is that file read and used ? the
> init program? sysinit?
By init, yes.
> I get the impression that it will be overridden
> by kernel parameters, how does that happen?
It's a priority mechanism - kernel parameters (selinux=0, or enforcing=(1|0))
take precedence, then the values in /etc/sysconfig/selinux, then whatever
the kernel default is.
> Last question, has consideration been given to changing the value in
> that file when someone changes the actual status of SELinux(enforcing or
> permissive) with setenforce.
Not really... setenforce is (IMO) used for temporary changes.
Bill
More information about the fedora-test-list
mailing list