[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FC2: Audit errors on /var/log/messages (SELinux (?) newbie)



Rami Saarinen schreef:

Oh, just as I had posted this message I found the "Fedora Core 2 test2
SELinux FAQ" at


http://mindstorm.ath.cx:8080/fedora-docs/selinux-faq-en/


That clears out many questions, but does anyone have any good reasons


why


I should have SELinux turned on? The machine is connected to the


internet


just few hours a day and I have all the services off on the system-config-securitylevel.

I suppose SELinux provides the ACL mechanism, but I'm not sure I need


it


.. afterall it may be a bit overkill for two-user computer. ;)






If you need to disable SELinux , simply edit /etc/sysconfig/selinux and
change SELINUX=enforcing (or permissive) to SELINUX=disabled . On older
kernel versions , you had to add a option during boot , but it has been
disabled.
Also , ACL is not related to SELinux. You can disable SELinux without
any fear of problems...




Thanks Pedro for help. Unfortunately /etc/sysconfig/selinux is missing. Oh
well, I'll figure out something (like adding the selinux in
etc/sysconfig).



Yes, i noticed that as well. I have two servers. One new install and one upgraded machine.
On the fresh install that file is there. But it's not owned by any package!


# rpm -qf /etc/sysconfig/selinux
file /etc/sysconfig/selinux is not owned by any package

On another server which was an upgrade from core 1 that file is missing....... as well as other stuff related to
selinux (like for example policy-1.11.3-3 and policycoreutils-1.11-2).


Apparently upgrading is *not* full proof (i was missing several other things as well)!

Jan






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]