Re: SELinux error booting backup f12

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/22/2010 08:12 PM, jackson byers wrote:
> Daniel J Walsh wrote
> 
>> You can boot with selinux=0 or enforcing=0.  enforcing=0 means that
>> SELinux will block nothing, but maintain the labeling.
> 
> 1) selinux=0 worked;  booted up into my backup f12, looks good.
> 
> 2) next tried rebooting with  enforcing=0
>     This was more difficult; the boot process got into relabeling
>      wtth a warning it would take long time.
>      I walked away from the screen maybe 20minutes into the relabeling
>      and when I got back (maybe at 30min time),
>       it had rebooted on its own, but into my main f12.
>       Rebooted yet again into the "enforcing=0" stanza of my backup f12,
>       and it came up this time into my backup f12,
>       with no further relabeling message,
>       so all looks ok here too.
> 
> This was a good learning exerience.
> But I must say I am still mostly ignorant of what SELinux is doing,
> why I needed either selinux=0, enforcing=0, in the first place, and
> in particular the "what/why/how" of this relabeling business.
> I have spent some time, not a lot, on googling SELinux, relabeling,
> and I am getting lost in the detail.
> 
> thanks for showing me the ropes re selinux=0, enforcing=0
> 
> Jack
You should not need either.

selinux=0

Disables SELinux.  The boot system leaves a flag around telling the
system that SELinux has been disabled.  The next time you enable it
(booting without the selinux=0 flag) the system forces a relable.  Which
means every file/dir/device/etc gets a label added to it.

enforcing=0, means all syscalls that SELinux would have blocked are
allowed  and all of the labeling continues.

F12 is booting without either flag, selinux in enforcing mode for the
vast majority of users.  Now that you have relabeled.  I would bet your
system will boot with out either flag.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkv6jhoACgkQrlYvE4MpobNPzwCgraoaRBcb7eVEv9bLJXqi0w59
swcAmwbQuEBl29MT0qub30RCeWC5LxIW
=Zl28
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux