| 1 |
On Sat, Feb 18, 2012 at 11:13:36AM +0100, TomᨠDobrovolný wrote: |
| 2 |
> I have installed new machine using |
| 3 |
> http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml . |
| 4 |
> Everything was in order. But when I restart in "full function SELinux" |
| 5 |
> in permissive mode in my log are following avc errors. I think, I forgot |
| 6 |
> to install something, or turn on. |
| 7 |
[...] |
| 8 |
|
| 9 |
From the denials and your kernel configuration, I think you are using an |
| 10 |
initrd or initramfs system. Currently, we do not support SELinux when using |
| 11 |
initrd/initramfs because the suckers don't play well. There's an open bug on |
| 12 |
it, and I hope I can get us with a working initramfs soon. |
| 13 |
|
| 14 |
But for the mean time, either drop the initramfs/initrd system, or boot in |
| 15 |
permissive mode and switch to enforcing during the boot-up (for instance |
| 16 |
through an init script in the boot runlevel). |
| 17 |
|
| 18 |
Wkr, |
| 19 |
Sven Vermeulen |
Archives