selinux eradicator?
Karl Larsen
k5di at zianet.com
Thu Jun 28 22:13:23 UTC 2007
Matthew J. Roth wrote:
> Karl Larsen wrote:
>> This tells me that init is running a selinux demon and I know how to
>> stop that I think. I looked at /etc/rc.d/init.d/ but no selinux
>> switch. So I ask where in hell is it?
>>
>> [root at k5d init.d]# whereis selinux
>> selinux: /etc/selinux /usr/include/selinux /usr/share/selinux
>> /usr/share/man/man8/selinux.8.gz
>> [root at k5d init.d]#
>>
>> So there is some reading that needs doing.
> Karl,
>
> The SELinux settings are contained in "/etc/sysconfig/selinux". I
> have SELinux disabled, and the file looks like this:
>
> [root at server ~]# cat /etc/sysconfig/selinux
> # This file controls the state of SELinux on the system.
> # SELINUX= can take one of these three values:
> # enforcing - SELinux security policy is enforced.
> # permissive - SELinux prints warnings instead of enforcing.
> # disabled - SELinux is fully disabled.
> SELINUX=disabled
> # SELINUXTYPE= type of policy in use. Possible values are:
> # targeted - Only targeted network daemons are protected.
> # strict - Full SELinux protection.
> SELINUXTYPE=targeted
>
> Note that any changes to this file require a reboot to take affect.
> "sestatus" can then be used to verify the change:
>
> [root at server ~]# sestatus
> SELinux status: disabled
>
> Matthew Roth
> InterMedia Marketing Solutions
> Software Engineer and Systems Developer
>
Boy! What a gold mine of information! No reason for anyone to complain
about selinux any more. I did what is above and it was easy with the joe
editor. But I need to set it to put the original in /tmp/ :-) I'm
tired of rm *~ which works but geeze.
Then a reboot and a test:
[root at k5d ~]# sestatus
SELinux status: disabled
[root at k5d ~]#
So I can't complain about it again. It sure was a lot less obvious in FC4.
Karl
More information about the fedora-list
mailing list