Core 2: Accidently switched on SELINUX

Mon May 24 16:20:11 UTC 2004

Hello,

By accident i installed the policy rpm on an updated machine (from core 
1 to core 2). The update did not install the core utils for selinux and 
stuff, so i only had policy (shouldn't the dependencies have picked this 
up somehow?).

Then i rebooted the box. Below is the result.... The box sometimes even 
hanged. I fixed it by doing rpm -e policy again.....

My question is if there isn't done any harm to my system anyhow because 
the log shows it tried to change all kind of stuff to my system......

Also after a reboot /selinux is always mounted again. On a fresh box it 
doesn't. How can i get rid of that? Before the policy rpm /selinux was 
always unmounted by default.

Thanks,

-- 
jan

May 23 19:58:24 pandora kernel: SELinux:  Completing initialization.
May 23 19:58:24 pandora kernel: SELinux:  Setting up existing superblocks.
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
selinuxfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev hda5, type 
ext3), uses xattr
May 23 19:58:24 pandora kernel: SELinux: initialized (dev ram0, type 
ext2), uses xattr
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
mqueue), not configured for labeling
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
hugetlbfs), not configured for labeling
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
devpts), uses transition SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
eventpollfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
pipefs), uses task SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type tmpfs), 
uses transition SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
futexfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
sockfs), uses task SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type proc), 
uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type bdev), 
uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type 
rootfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type sysfs), 
uses genfs_contexts
May 23 19:58:24 pandora kernel: audit(1085335066.139:0): avc:  denied  { 
getattr } for  pid=1 exe=/sbin/init path=/dev/initctl dev=h
da5 ino=8195 scontext=system_u:system_r:kernel_t 
tcontext=system_u:object_r:file_t tclass=fifo_file
May 23 19:58:24 pandora kernel: audit(1085335066.139:0): avc:  denied  { 
read write } for  pid=1 exe=/sbin/init name=initctl dev=hda
5 ino=8195 scontext=system_u:system_r:kernel_t 
tcontext=system_u:object_r:file_t tclass=fifo_file
May 23 19:58:24 pandora kernel: audit(1085335067.446:0): avc:  denied  { 
syslog_console } for  pid=449 exe=/bin/dmesg scontext=syste
m_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc:  denied  { 
search } for  pid=453 exe=/sbin/sysctl name=net dev= ino=-2
68435354 scontext=system_u:system_r:kernel_t 
tcontext=system_u:object_r:sysctl_net_t tclass=dir
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc:  denied  { 
write } for  pid=453 exe=/sbin/sysctl name=ip_forward dev=
ino=-268435331 scontext=system_u:system_r:kernel_t 
tcontext=system_u:object_r:sysctl_net_t tclass=file
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc:  denied  { 
getattr } for  pid=453 exe=/sbin/sysctl path=/proc/sys/net/
ipv4/ip_forward dev= ino=-268435331 scontext=system_u:system_r:kernel_t 
tcontext=system_u:object_r:sysctl_net_t tclass=file
May 23 19:58:24 pandora kernel: ACPI: Power Button (FF) [PWRF]