On Thu, 20 Sep 2007 23:49:41 -0400, David Boles wrote: [....] > This way is, IMO, the crude way to do this. Turn SELinux off, if you > chose to do so, in the SELinux configuration file. > > /etc/selinux/config > > change SELINUX=enforcing > > to SELINUX=disabled Here's an interesting discovery. On a machine where I haven't touched selinux since installing F7, I get this : [root@localhost btth]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=permissive # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0 [root@localhost btth]# Note that it says "targeted" -- typically, without giving me any faintest hint at what. The same file on the machine I disabled selinux from yesterday is the same except for "disabled" instead of "permissive." I *hope* targeted makes no difference so long as selinux is disabled. But that doesn't tell me what is targeted on the other machines, nor whether the default choices fit my kind of situation. (If they do, I'll take it on faith that they're well chosen.) -- Beartooth Staffwright, PhD, Neo-Redneck Linux Convert Remember I know precious little of what I am talking about.
