Re: Selinux question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



No i am not using the strict policy because the xserver will not start
after applying the policy and rebooting for relabelling. I am
currently enforcing the targetted policy.


On 7/13/05, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
> Mathew Pullar wrote:
> 
> >Hi,
> >I have just started to experiment with selinux and noticed the "User
> >Privs" section in system-config-securitylevel-gui and unticked allow
> >users to ping and allow users to read default system files. I then
> >created a new normal user account to test the changes i had made.
> >The new user was able to ping to and to read default system files such
> >as /etc/inittab.
> >I then thought perhaps relabelling was required so rebooted and
> >relabeled. This however still allowed normal users to ping.
> >My current selinux config is set to enabled and enforcing.
> >Any help would be greatly appreciated.

> >
> Are you running strict policy?
> 
> default system files are files that are marked with file context
> default_t.  You should not
> have many of them on the system.
> Dan


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux