selinux not enabled
Sjoerd Mullender
sjoerd at acm.org
Tue Apr 12 19:48:57 UTC 2005
Sjoerd Mullender wrote:
> I'm trying to enable SELinux on my FC3 system and I followed the manual
> instructions in the FAQ* (I don't want to use
> system-config-securitylevel since it overwrites my iptables setup):
> /etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted;
> I have touched /.autorelabel;
> I have rebooted (several times, not all of them related to this issue);
> and when the system was rebooting, there was no noticeable delay while
> the files were being relabeled and /.autorelabel still exists. Also:
> # sestatus -v
> SELinux status: disabled
>
> In /var/log/messages and in the dmesg output, I don't see anything about
> SELinux being disabled. I do see the following lines (the selinux=1 was
> my latest attempt--it didn't change anything):
>
> # dmesg | grep -i selinux
> Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1
> SELinux: Initializing.
> SELinux: Starting in permissive mode
> selinux_register_security: Registering secondary module capability
> SELinux: Registering netfilter hooks
>
> What am I doing wrong?
>
> *) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232
Thanks to Stephen Smalley over at fedora-selinux-list I have been able
to solve the problem. The only thing that was missing was a
# mkdir /selinux
Since /selinux could not be mounted because the mount point was missing,
the whole SELinux stuff didn't get off the ground.
Thanks everyone for the suggestions and the interest.
--
Sjoerd Mullender <sjoerd at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3931 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050412/b3784976/attachment-0001.bin>
More information about the fedora-list
mailing list