At 9:41 PM -0400 6/19/07, Michael Wiktowy wrote: >On 6/18/07, Tony Nelson <tonynelson@xxxxxxxxxxxxxxxxx> wrote: >> At 5:20 PM -0400 6/18/07, Michael Wiktowy wrote: >> >Couldn't you just change your grub entry to include enforcing=0 at the >> >boot menu without the Rescue CD step? >> >> How would that create the file /.autorelabel? How would you plan to edit >> grub.conf when the system won't boot due to SELinux labeling issues? > >You can press "e" on any grub entry to edit it on boot. This will >allow you to make changes for just that boot time ... not permanently. You repeat the obvious steps that have been listed often in this thread. We know that already. Do you know the kernel parameter to cause SELinux to relable, without booting and doing `touch /.autorelabel`? Hint: if you read the whole thread, you'll find it. >> >I would think that selinux would autorelabel whether it is enforcing >> >or not. Just as long as it is enabled. >> >> It will try. If the SELinux labels are wrong enough it will fail, and the >> system will be in at least as bad shape as before. > >If enforcing is off, selinux isn't going to stop anything. But it will >continue to log nastiness so it might help to determine what is going >wrong. Again you state the obvious. Do you know what happens if SELinux is in enforcing mode when relabeling? You haven't been paying attention. -- ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/>
