SELinux Understanding
Daniel J Walsh
dwalsh at redhat.com
Wed Oct 17 13:37:45 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Claude Jones wrote:
> On Mon October 15 2007, Nigel Henry wrote:
>> Now I'm not too bothered about SELinux. I've seen it around since FC2, but
>> for the first time on Fedora 7 I've given it a try. I'm only a home user,
>> so nothing critical going on, and apart from the little FTP problem it's
>> working ok.
>>
>> I'm not sure what you're saying though in your reply above. From what I
>> understand, if you disable SELinux (not sure if a reboot has to occur
>> before the next step), then re-enable SELinux in enforcing mode (as it was
>> previously). I found that re-enabling SELinux in enforcing mode, then
>> rebooting, resulted in the relabelling stuff being done. So is there some
>> incantation you can apply to the kernel on bootup to prevent SELinux doing
>> it's relabel stuff?
>
> See my reply to Bruno. It's been awhile since I disabled it, and when I'd done
> it in the past, I don't recall having a relabel forced. My memory could be
> wrong, or things may have changed...
>
When SELinux is disabled, the /.autorelabel file gets created on reboot.
If the machine later comes up with SELinux enabled. This will trigger a
relabel.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHFhAprlYvE4MpobMRAi9VAKDVKhoE2J+6bFxHjYpujISS6ECG0gCeP7fH
2nu2wH1vEvDW5AUbRBewl6E=
=yU45
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list