FW: How to start using selinux?
Richard Hally
rhally at mindspring.com
Thu Mar 25 22:49:12 UTC 2004
-----Original Message-----
From: fedora-selinux-list-bounces at redhat.com
[mailto:fedora-selinux-list-bounces at redhat.com] On Behalf Of Gene
Czarcinski
Sent: Thursday, March 25, 2004 5:13 PM
To: fedora-selinux-list at redhat.com
Subject: Re: How to start using selinux?
On Thursday 25 March 2004 14:09, Richard Hally wrote:
> > Here are a couple of links to HOWTOs
> >
> >
https://sourceforge.net/docman/display_doc.php?docid=20372&group_id=21266
> >
> >
https://sourceforge.net/docman/display_doc.php?docid=21959&group_id=21266
>Thanks. There are good but ..
>What I am looking for is something a bit more "cook bookish". Since the
>default (current snapshot of FC2 development) is to install with selinux
set
>to enforcing, I am expecting the system to come up (it does not) and then
>some "cook book" instructions on setting things up so I can begin plying
with
>things. Right now if I bootup with selinux set to enforcing, I cannot do
>anything .. even login.
The recommended way to start off is in permissive mode. Kernel ...253.2.1
does not start in enforcing mode automatically by default.
>I was hoping to see something with selinux running where I could then work
>(play) with the system to understand selinux configuration and usage.
One thing you can do is duplicate the lines in grub for a particular kernel
and add ENFORCING to the title and enforcing=1 to the end of the kernel
line. That way you can start off in either mode.
The way to see which mode is to "cat /selinux/enforce" 0 is permissive. To
change to enforcing while running "echo 1 > /selinux/enforce".
>Right now, booting up in single user mode is my most useful too since that
is
>the only way I have found to get out of enforcing mode.
<snip>
Richard Hally
More information about the fedora-selinux-list
mailing list