selinux / semodule question
Ivan Gyurdiev
ivg2 at cornell.edu
Wed Mar 15 11:42:48 UTC 2006
Gordon Stewart wrote:
> Hi
>
> Selinux/ semodule has broken my kernel as now all I am getting now is run out of input data.
>
What exactly is the problem...?
> Looking at the email below I need to run semodule -r. Can some tell me where this is located. I am runing my box in rescue mode.
>
It's located in the policycoreutils rpm [ /usr/sbin/semodule ].
However, I am not sure if you should be using it - semodule is a utility
which adds/removes modules from policy. If you don't know where it is
located, how do you know that it has broken your system, and how to fix
it using semodule?
---
If what you're trying to do is disable selinux, the way to do that is to
pass the selinux=0 [ or was it selinux=off ?] parameter to the kernel at
boot time. It's better to pass [enforcing=0] instead, which should fix
any selinux issues you're having, continue to label files correctly, and
keep logging on, so you can identify the problem [ by looking at
/var/log/audit/audit.log ], and possibly report a bug.
More information about the fedora-test-list
mailing list