What's SELinux doing to me?

Tony Nelson tonynelson at georgeanelson.com
Mon Jun 11 21:21:11 UTC 2007

At 10:30 PM -0400 6/10/07, William Case wrote:
>Thanks for your response Olivares;
>On Sun, 2007-06-10 at 15:37 -0700, Antonio Olivares wrote:
>> Bill,
>> Have you tried to do what they recommend you to do
>> Allowing Access
>>     If you want /usr/bin/smbspool to access this files, you need to
>> relabel them
>>     using restorecon -v /tmp/gedit.bill.2675579933.  You might want to
>> relabel
>>     the entire directory using restorecon -R -v /tmp.
>> Become root user su -
>> # restorecon -v /tmp/gedit.bill.2675579933
>> and you might want to
>> # restorecon -R -v /tmp
>> if the above did not help.
>> Hope this helps,
>I had set SELinux to permissive, so it should not have been making
>demands on me.  That's why I was confused.

When SELinux is in permissive mode, it does all the same tests and tracks
the results as it would in enforcing mode.  There will be more denials
logged in permissive mode, as in enforcing mode whatever was trying to do
something usually gives up at the first denial.

Permissive mode offers no protection at all.  Perhaps you just want SELinux
TonyN.:'                       <mailto:tonynelson at georgeanelson.com>
      '                              <http://www.georgeanelson.com/>

More information about the fedora-list mailing list