-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Karl Larsen wrote: > Daniel J Walsh wrote: > Karl Larsen wrote: > >>>> Thomas Cameron wrote: >>>> >>>>> On Sat, 2007-10-13 at 05:38 -0600, Karl Larsen wrote: >>>>> >>>>> >>>>> >>>>>>> That's called coincidence, not proof. >>>>>>> >>>>>>> >>>>>> I think your trying to protect SELinux. I don't know why. >>>>>> >>>>> No, it's pointing out the obvious. The issue you had was NOT - repeat >>>>> NOT - an issue with SELinux. >>>>> >>>>> A lot of people a lot smarter than you have said so, you bring NO proof >>>>> to the list, just supposition based on coincidence. >>>>> >>>>> I've tried to be polite to you out of respect to my elders, but you are >>>>> just full of shit and won't listen to folks who know a bunch more than >>>>> you do. >>>>> >>>>> Get this through your head: Your issues are NOT due to SELinux. I >>>>> don't know what you did, but you are the kind of user that sysadmins >>>>> HATE because you go in and jack up your system and then blame the >>>>> system >>>>> or the admin. >>>>> >>>>> Listen to those who know more than you do, OK? >>>>> >>>>> Thomas >>>>> >>>>> >>>> Listen you fat head jerk! You brought nothing but your gut feeling >>>> that SELinux can't be the cause period. >>>> >>>> Well your almost right. But you have no idea why. You do not know why >>>> your right. Or what that means. I will not turn SELinux back on until a >>>> Bug is fixed in F7 8-) >>>> >>>> >>>> >>>> >>>> >>>> > Karl, > > When you turned on SELinux the AVC's were being logged to > /var/log/audit/audit.log This is where setroubleshoot and other tools > grab the AVC messages. > >> Those that I presented are from /var/log/messages. > When you go from disable to enabled, the entire system needs to be > relabeled. This can take a long time to happen since the entire file > system is walked. After relabeling your system should work properly. > >> Yesterday I changed SELinux from off to full enforce. It booted up >> fine this morning and I really can't tell it is on. But it did take 30 >> minutes to label all the directories. > I would make sure that you have updated to the latest policy for Fedora > 7, and if you are running something like NIS you might need to turn on > certain selinux booleans. > >> I have every update for F7 on this machine now. I have no idea what >> NIS is. > setsebool -P allow_ypbind 1 > > Which will allow your system to use NIS. > > The bugs/avc's you reported earlier do not look like SELinux was going > nuts. > > >> SELinux was not nuts. It was sending endless messages to dbox which >> was mal-functioning. There is a bug in dbox. > It is also feasable that you are running a file system reiser? that > SElinux does not support. Or there is some problem that adding of file > context to your machine triggered. > > >> Nope all my file systems are EXT3. > I have not heard of SELinux in permissive mode causing the types of > problems that you say occured on your machine. > > >> I think I got a SELinux update the day before the problem. This >> caused SELinux to send out new data and the bug hit. Every time I get a >> SELinux update I will relabel the files. > No need to do this. The labeling should be fine. > > > Dan > >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHE4PZrlYvE4MpobMRAqwaAJ9Oe8un03B4L4PFFRjtdECYAVFv7wCgk/PI yxu7K7QkIT5uAppyACyMTYY= =oXrT -----END PGP SIGNATURE-----