Re: selinux not enabled

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sjoerd Mullender wrote:

I'm trying to enable SELinux on my FC3 system and I followed the manual
instructions in the FAQ* (I don't want to use
system-config-securitylevel since it overwrites my iptables setup):
/etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted;
I have touched /.autorelabel;
I have rebooted (several times, not all of them related to this issue);
and when the system was rebooting, there was no noticeable delay while
the files were being relabeled and /.autorelabel still exists.  Also:
# sestatus -v
SELinux status:         disabled

In /var/log/messages and in the dmesg output, I don't see anything about
SELinux being disabled.  I do see the following lines (the selinux=1 was
my latest attempt--it didn't change anything):

# dmesg | grep -i selinux
Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1
SELinux:  Initializing.
SELinux:  Starting in permissive mode
selinux_register_security:  Registering secondary module capability
SELinux:  Registering netfilter hooks

What am I doing wrong?

*) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232



From reading all the replies it sounds like either you don't have selinux-policy-targeted installed.
Or init is having a hard time finding your policy file. It is looking for /etc/selinux/POLICYTYPE/policy/policy.18 (or 19)


Dan

--



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux