selinux eradicator?

[Karl Larsen]

Matthew J. Roth wrote:
> Karl Larsen wrote:
>> This tells me that init is running a selinux demon and I know how to 
>> stop that I think. I looked at /etc/rc.d/init.d/ but no selinux 
>> switch. So I ask where in hell is it?
>>
>> [root at k5d init.d]# whereis selinux
>> selinux: /etc/selinux /usr/include/selinux /usr/share/selinux 
>> /usr/share/man/man8/selinux.8.gz
>> [root at k5d init.d]#
>>
>> So there is some reading that needs doing.
> Karl,
>
> The SELinux settings are contained in "/etc/sysconfig/selinux".  I 
> have SELinux disabled, and the file looks like this:
>
> [root at server ~]# cat /etc/sysconfig/selinux
> # This file controls the state of SELinux on the system.
> # SELINUX= can take one of these three values:
> #       enforcing - SELinux security policy is enforced.
> #       permissive - SELinux prints warnings instead of enforcing.
> #       disabled - SELinux is fully disabled.
> SELINUX=disabled
> # SELINUXTYPE= type of policy in use. Possible values are:
> #       targeted - Only targeted network daemons are protected.
> #       strict - Full SELinux protection.
> SELINUXTYPE=targeted
>
> Note that any changes to this file require a reboot to take affect.  
> "sestatus" can then be used to verify the change:
>
> [root at server ~]# sestatus
> SELinux status:         disabled
>
> Matthew Roth
> InterMedia Marketing Solutions
> Software Engineer and Systems Developer
>
Boy! What a gold mine of information! No reason for anyone to complain 
about selinux any more. I did what is above and it was easy with the joe 
editor. But I need to set it to put the original in /tmp/ :-)    I'm 
tired of rm *~ which works but geeze.

Then a reboot and a test:

[root at k5d ~]# sestatus
SELinux status:                 disabled
[root at k5d ~]#

So I can't complain about it again. It sure was a lot less obvious in FC4.

Karl