| 1 |
Mike Edenfield schrieb: |
| 2 |
> Markus Bartl wrote: |
| 3 |
>> Hi there. |
| 4 |
>> |
| 5 |
>> Ive got my SELinux kernel up and running. |
| 6 |
>> What im wondering about is that i can restart services without |
| 7 |
>> changing to the sysadm_r role. |
| 8 |
> |
| 9 |
> Are you prompted for the root password when you execute one of the |
| 10 |
> init.d scripts? And are you in permissive mode or enforcing mode? |
| 11 |
> |
| 12 |
> In general, a *lot* of strange problems with SELinux are caused by |
| 13 |
> mislabeled file systems. If certain executables aren't labeled |
| 14 |
> correctly, even in permissive mode, it will prevent the correct |
| 15 |
> transitions from happening and produce odd symptoms later on. One |
| 16 |
> common symptom of this is the rc system not cooperating with SELinux. |
| 17 |
> |
| 18 |
> I would suggest you relabel everything: rlpkg -a -r |
| 19 |
> then reboot and see if your behavior is more what you expected. |
| 20 |
> |
| 21 |
> --K |
| 22 |
> |
| 23 |
Hi there. |
| 24 |
|
| 25 |
Do i have to relabel while being in the sysadm_r role? |
| 26 |
Im running in permissive mode. If i change to enforcing i cant even do |
| 27 |
an ls on my own (/root) directory without changing to sysadm_r. |
| 28 |
Many strange things... |
Archives