Errors while rebooting (selinux related)
Jim Cornette
jim-cornette at insight.rr.com
Fri Jun 11 00:46:23 UTC 2004
Jim Cornette wrote:
...
>> Jun 9 19:09:23 owl kernel: audit(1086808129.330:0): avc: denied {
>> syslog_console } for pid=447 exe=/bin/dmesg
>> scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t
>> tclass=system
>>
>> Thanks for any assistance.
>>
>> Paul
>>
>>
>>
>>
> These messages are caused by SELinux needing to do things to set
> permissions and context right for it to work as designed. If you want
> to run selinux, there is a list that will help you with setting things
> up to work, as designed.
>
> Otherwise, you might want to add to your /etc/grub.conf file the below:
>
> kernel /vmlinuz-2.6.6-1.406 ro root=LABEL=/ selinux=0
>
> The selinux=0 is what you want to add to the kernel line. I just added
> my boot line so you know what line that I was referring to.
>
> Also there is a way to set the selinux to off in some config file. I
> am not sure what it is. You might need to search the archives for how
> to disable SELinux.
>
> I did notice two programs on my search for selinux on my computer. I
> have not tried to run them. They are listed below.
> /usr/bin/selinuxdisable
> /usr/bin/selinuxenabled
>
> I imagine that one disables selinux, which you might desire. The other
> should enable selinux. (wrong, they display status, see below)
>
> good luck,
> Jim
>
>
>
Just an addition to add what the programs do.
selinuxenabled(1) SELinux Command Line documentation
selinuxenabled(1)
NAME
selinuxenabled - tool to be used within shell scripts to
determine if
selinux is enabled
SYNOPSIS
selinuxenabled
Command exits with status 0 if selinux is enabled -256 if it
is not
enabled.
DESCRIPTION
selinuxenabled Indicates whether SELinux is enabled or disabled.
AUTHOR
Dan Walsh, <dwalsh at redhat.com>
SEE ALSO
setenforce"(8)",getenforce"(8)"
dwalsh at redhat.com 7 April 2004
selinuxenabled(1)
(END)
More information about the fedora-list
mailing list