[rhelv6-list] selinux (not quite) disabled?

Collins, Kevin [BEELINE] KCollins at chevron.com
Thu Dec 2 20:17:17 UTC 2010 

In testing RHEL6, I have noted that some directories show a "." (dot) at
the end:

 

# ls -ld /* | grep ^d

dr-xr-xr-x.   2 root root  4096 Nov 24 16:29 /bin

dr-xr-xr-x.   5 root root  1024 Nov 24 15:56 /boot

drwxr-xr-x.   2 root root  4096 Jul 14 04:45 /cgroup

drwxr-xr-x   20 root root  3700 Dec  2 12:04 /dev

drwxr-xr-x. 120 root root 12288 Dec  2 12:04 /etc

drwxr-xr-x.   2 root root  4096 Dec  4  2009 /home

dr-xr-xr-x.  12 root root  4096 Dec  1 03:31 /lib

dr-xr-xr-x.   9 root root 12288 Dec  1 16:06 /lib64

drwx------.   2 root root 16384 Nov 24 15:36 /lost+found

drwxr-xr-x.   2 root root  4096 Dec  4  2009 /media

drwxr-xr-x    2 root root     0 Dec  2 12:04 /misc

drwxr-xr-x.   2 root root  4096 Dec  4  2009 /mnt

drwxr-xr-x    2 root root     0 Dec  2 12:04 /net

drwxr-xr-x.   6 root root  1024 Nov 30 15:30 /opt

dr-xr-xr-x  185 root root     0 Dec  2 04:04 /proc

drwxr-xr-x    7 root root  4096 Nov 11 11:04 /redhat

dr-xr-x---.  27 root root  4096 Dec  2 11:50 /root

dr-xr-xr-x.   2 root root 12288 Nov 24 16:29 /sbin

drwxr-xr-x.   2 root root  4096 Nov 24 15:37 /selinux

drwxr-xr-x.   2 root root  4096 Dec  4  2009 /srv

drwxr-xr-x   13 root root     0 Dec  2 04:04 /sys

drwxrwxrwt.  11 root root  1024 Dec  2 12:04 /tmp

drwxr-xr-x.   3 root root  4096 Nov 24 15:54 /users

drwxr-xr-x.  16 root root  4096 Nov 24 15:58 /usr

drwxr-xr-x.   3 root root  4096 Dec  1 10:55 /util

drwxr-xr-x.  26 root root  4096 Nov 24 15:58 /var

 

It was my understanding that this is related to selinux, however we
(currently) disable selinux via "selinux --disabled" in the kickstart
file as well as adding "selinux=0" to the kernel command line:

 

# getenforce

Disabled

 

# grep selinux /etc/grub.conf 

        kernel /vmlinuz-2.6.32-71.el6.x86_64 ro
root=/dev/mapper/vg00-lvol1 rd_LVM_LV=vg00/lvol1 rd_LVM_LV=vg00/lvol2
rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16
KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto audit=0 selinux=0 rhgb
quiet

 

# cat /proc/cmdline 

ro root=/dev/mapper/vg00-lvol1 rd_LVM_LV=vg00/lvol1 rd_LVM_LV=vg00/lvol2
rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16
KEYBOARDTYPE=pc KEYTABLE=us crashkernel=129M at 0M audit=0 selinux=0 rhgb
quiet

 

It would appear that selinux is disabled, except for the dots...
anything I am missing? I have not seen this behavior on RHEL5...

 

Thanks,

 

Kevin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhelv6-list/attachments/20101202/bb4d68a8/attachment.htm>

More information about the rhelv6-list mailing list