Sjoerd Mullender wrote: > I'm trying to enable SELinux on my FC3 system and I followed the manual > instructions in the FAQ* (I don't want to use > system-config-securitylevel since it overwrites my iptables setup): > /etc/selinux/config contains SELINUX=permissive and SELINUXTYPE=targeted; > I have touched /.autorelabel; > I have rebooted (several times, not all of them related to this issue); > and when the system was rebooting, there was no noticeable delay while > the files were being relabeled and /.autorelabel still exists. Also: > # sestatus -v > SELinux status: disabled > > In /var/log/messages and in the dmesg output, I don't see anything about > SELinux being disabled. I do see the following lines (the selinux=1 was > my latest attempt--it didn't change anything): > > # dmesg | grep -i selinux > Kernel command line: ro root=LABEL=/ apm=off acpi=on selinux=1 > SELinux: Initializing. > SELinux: Starting in permissive mode > selinux_register_security: Registering secondary module capability > SELinux: Registering netfilter hooks > > What am I doing wrong? > > *) http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825232 Thanks to Stephen Smalley over at fedora-selinux-list I have been able to solve the problem. The only thing that was missing was a # mkdir /selinux Since /selinux could not be mounted because the mount point was missing, the whole SELinux stuff didn't get off the ground. Thanks everyone for the suggestions and the interest. -- Sjoerd Mullender <sjoerd@xxxxxxx>
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
