selinux not enabled
Daniel J Walsh
dwalsh at redhat.com
Mon Apr 11 15:15:58 UTC 2005
Sjoerd Mullender wrote:
>I'm trying to enable SELinux on my FC3 system and I followed the manual
>instructions in the FAQ* (I don't want to use
>system-config-securitylevel since it overwrites my iptables setup):
>/etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted;
>I have touched /.autorelabel;
>I have rebooted (several times, not all of them related to this issue);
>and when the system was rebooting, there was no noticeable delay while
>the files were being relabeled and /.autorelabel still exists. Also:
># sestatus -v
>SELinux status: disabled
>
>In /var/log/messages and in the dmesg output, I don't see anything about
>SELinux being disabled. I do see the following lines (the selinux=1 was
>my latest attempt--it didn't change anything):
>
># dmesg | grep -i selinux
>Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1
>SELinux: Initializing.
>SELinux: Starting in permissive mode
>selinux_register_security: Registering secondary module capability
>SELinux: Registering netfilter hooks
>
>What am I doing wrong?
>
>*) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232
>
>
>
From reading all the replies it sounds like either you don't have
selinux-policy-targeted installed.
Or init is having a hard time finding your policy file. It is looking
for /etc/selinux/POLICYTYPE/policy/policy.18 (or 19)
Dan
--
More information about the fedora-list
mailing list