1 |
Mike Edenfield schrieb: |
2 |
> Markus Bartl wrote: |
3 |
>> Hi there. |
4 |
>> |
5 |
>> Ive got my SELinux kernel up and running. |
6 |
>> What im wondering about is that i can restart services without |
7 |
>> changing to the sysadm_r role. |
8 |
> |
9 |
> Are you prompted for the root password when you execute one of the |
10 |
> init.d scripts? And are you in permissive mode or enforcing mode? |
11 |
> |
12 |
> In general, a *lot* of strange problems with SELinux are caused by |
13 |
> mislabeled file systems. If certain executables aren't labeled |
14 |
> correctly, even in permissive mode, it will prevent the correct |
15 |
> transitions from happening and produce odd symptoms later on. One |
16 |
> common symptom of this is the rc system not cooperating with SELinux. |
17 |
> |
18 |
> I would suggest you relabel everything: rlpkg -a -r |
19 |
> then reboot and see if your behavior is more what you expected. |
20 |
> |
21 |
> --K |
22 |
> |
23 |
Hi there. |
24 |
|
25 |
Do i have to relabel while being in the sysadm_r role? |
26 |
Im running in permissive mode. If i change to enforcing i cant even do |
27 |
an ls on my own (/root) directory without changing to sysadm_r. |
28 |
Many strange things... |