Selinux so badly corrupted machine can't start
Tony Nelson
tonynelson at georgeanelson.com
Mon Jun 18 21:48:31 UTC 2007
At 5:20 PM -0400 6/18/07, Michael Wiktowy wrote:
>On 6/18/07, Tony Nelson <tonynelson at georgeanelson.com> wrote:
>> At 9:23 AM -0400 6/18/07, Claude Jones wrote:
>> ...
>> >...touch /.autorelabel
>> >is impossible, because it never gets to that point.
>> ...
>>
>> Boot from the Rescue CD, accept the mount, and do the touch. Reboot with
>> "enforcing=0".
>
>Couldn't you just change your grub entry to include enforcing=0 at the
>boot menu without the Rescue CD step?
How would that create the file /.autorelabel? How would you plan to edit
grub.conf when the system won't boot due to SELinux labeling issues?
>I would think that selinux would autorelabel whether it is enforcing
>or not. Just as long as it is enabled.
It will try. If the SELinux labels are wrong enough it will fail, and the
system will be in at least as bad shape as before.
--
____________________________________________________________________
TonyN.:' <mailto:tonynelson at georgeanelson.com>
' <http://www.georgeanelson.com/>
More information about the fedora-list
mailing list