Matthew J. Roth wrote:
Karl Larsen wrote:
This tells me that init is running a selinux demon and I know how to
stop that I think. I looked at /etc/rc.d/init.d/ but no selinux
switch. So I ask where in hell is it?
[root@k5d init.d]# whereis selinux
selinux: /etc/selinux /usr/include/selinux /usr/share/selinux
/usr/share/man/man8/selinux.8.gz
[root@k5d init.d]#
So there is some reading that needs doing.
Karl,
The SELinux settings are contained in "/etc/sysconfig/selinux". I
have SELinux disabled, and the file looks like this:
[root@server ~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
Note that any changes to this file require a reboot to take affect.
"sestatus" can then be used to verify the change:
[root@server ~]# sestatus
SELinux status: disabled
Matthew Roth
InterMedia Marketing Solutions
Software Engineer and Systems Developer
Boy! What a gold mine of information! No reason for anyone to complain
about selinux any more. I did what is above and it was easy with the joe
editor. But I need to set it to put the original in /tmp/ :-) I'm
tired of rm *~ which works but geeze.
Then a reboot and a test:
[root@k5d ~]# sestatus
SELinux status: disabled
[root@k5d ~]#
So I can't complain about it again. It sure was a lot less obvious in FC4.
Karl
