Steven Stern wrote:
On Fri, 12 Nov 2004 11:07:00 -0500, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
Steven Stern wrote:
Edit /etc/selinux/config and change the type of policy to SELINUXTYPE=policyname. What should "policyname" be?
targeted
You can try to convert to an SELinux environment by doing the following.
yum install selinux-policy-targeted
touch /.autorelabel
reboot
I tried it. On startup, NFSD failed, my milters failed, and nothing was logging to /var/log/messages.
I changed to permissive and extracted all "avc:" messages from the log. The
log is attached as avc.txt. For now, I've changed the config to disabled. It
looks like SELINUX was either incompletely installed or not completely
configured. I suppose that enabling it only on fresh installs is a very good
idea!
I have the same type of errors that you descibe. This system was a pre-selinux system so I decided to use up2date to grab selinux-policy-targeted. The only packages installed with selinux in the heading are listed below.
rpm -qa |grep selinux selinux-policy-targeted-1.17.31-1 libselinux-1.19.1-3
It does not look like the relabel was successful. Try booting as single user, run fixfiles relabel and reboot.
fixfiles relabel comes back with a command not found. I am using up2date to get the strict policy and to see if any deps are pulled in which include fixfiles.
Jim
Dan
-- To err is human, to forgive is against company policy.
