Sjoerd Mullender wrote:
From reading all the replies it sounds like either you don't have selinux-policy-targeted installed.I'm trying to enable SELinux on my FC3 system and I followed the manual instructions in the FAQ* (I don't want to use system-config-securitylevel since it overwrites my iptables setup): /etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted; I have touched /.autorelabel; I have rebooted (several times, not all of them related to this issue); and when the system was rebooting, there was no noticeable delay while the files were being relabeled and /.autorelabel still exists. Also: # sestatus -v SELinux status: disabled
In /var/log/messages and in the dmesg output, I don't see anything about SELinux being disabled. I do see the following lines (the selinux=1 was my latest attempt--it didn't change anything):
# dmesg | grep -i selinux Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1 SELinux: Initializing. SELinux: Starting in permissive mode selinux_register_security: Registering secondary module capability SELinux: Registering netfilter hooks
What am I doing wrong?
*) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232
Or init is having a hard time finding your policy file. It is looking for /etc/selinux/POLICYTYPE/policy/policy.18 (or 19)
Dan
--
