selinux eradicator?
Matthew J. Roth
mroth at imminc.com
Thu Jun 28 21:47:46 UTC 2007
Karl Larsen wrote:
> This tells me that init is running a selinux demon and I know how to
> stop that I think. I looked at /etc/rc.d/init.d/ but no selinux
> switch. So I ask where in hell is it?
>
> [root at k5d init.d]# whereis selinux
> selinux: /etc/selinux /usr/include/selinux /usr/share/selinux
> /usr/share/man/man8/selinux.8.gz
> [root at k5d init.d]#
>
> So there is some reading that needs doing.
Karl,
The SELinux settings are contained in "/etc/sysconfig/selinux". I have
SELinux disabled, and the file looks like this:
[root at server ~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
Note that any changes to this file require a reboot to take affect.
"sestatus" can then be used to verify the change:
[root at server ~]# sestatus
SELinux status: disabled
Matthew Roth
InterMedia Marketing Solutions
Software Engineer and Systems Developer
More information about the fedora-list
mailing list