| 1 |
Dne 19.2.2012 09:55, Sven Vermeulen napsal(a): |
| 2 |
> On Sat, Feb 18, 2012 at 11:13:36AM +0100, TomᨠDobrovolný wrote: |
| 3 |
>> I have installed new machine using |
| 4 |
>> http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml . |
| 5 |
>> Everything was in order. But when I restart in "full function SELinux" |
| 6 |
>> in permissive mode in my log are following avc errors. I think, I forgot |
| 7 |
>> to install something, or turn on. |
| 8 |
> [...] |
| 9 |
> |
| 10 |
> From the denials and your kernel configuration, I think you are using an |
| 11 |
> initrd or initramfs system. Currently, we do not support SELinux when using |
| 12 |
> initrd/initramfs because the suckers don't play well. There's an open bug on |
| 13 |
> it, and I hope I can get us with a working initramfs soon. |
| 14 |
> |
| 15 |
> But for the mean time, either drop the initramfs/initrd system, or boot in |
| 16 |
> permissive mode and switch to enforcing during the boot-up (for instance |
| 17 |
> through an init script in the boot runlevel). |
| 18 |
> |
| 19 |
> Wkr, |
| 20 |
> Sven Vermeulen |
| 21 |
> |
| 22 |
> |
| 23 |
|
| 24 |
I have had enabled initrd/initramfs parts in my kernel configuration, |
| 25 |
but I don't use it to boot my system. I try to disable it completely and |
| 26 |
I will see. |
| 27 |
|
| 28 |
Thanks |
| 29 |
-- |
| 30 |
Tomas Dobrovolny |
Archives