FC[5|6] strict policy and root
David Nedrow
dnedrow at usa.net
Tue Oct 24 18:17:23 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Has anyone successfully switched from targeted to strict policies
under either FC5 or FC6?
Under FC6, I switched policies and relabeled on a boot. I also booted
into permissive mode. From there, I did an audit2allow to generate a
list of items I would need to add to my running policy.
After creating the module and loading it, all of the AVC messages
disappear even after a reboot. So, to my way of thinking, everything
should be working. However, if I enable enforcement root can log in
but not do anything beyond that. Only a reboot with enforcing set to
permissive at the grub prompt gets roots login working again. Even
after that, there are no new AVC messages.
Does anyone have an idea as to what I'm missing?
Prior to FC5, I had no problems with the strict policy.
- - -David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFFPlizF5XSfHP90EcRAoh9AJwN7Nl2WI8oKZ03p3oMUgJ+h+NRiQCeMHsQ
qErT6X0tJbB7nSknNE4Jm9c=
=GXr6
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list