MLS and back from runlevel 3
Daniel J Walsh
dwalsh at redhat.com
Fri Apr 15 13:17:37 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/15/2011 09:07 AM, Szabo Akos wrote:
> Hi,
>
> On Thu, Apr 14, 2011 at 11:26:28AM -0400, Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 04/14/2011 10:50 AM, Szabo Akos wrote:
>>> Hi,
>>>
>>> On Tue, 2011-04-12 at 08:59 +0200, mgrepl wrote:
>>>>>> Hi 2 all,
>>>>>>
>>>>>> As the http://fedoraproject.org/wiki/SELinux/FedoraMLSHowto said:
>>>>>>
>>>>>>
>>>>>> Configure the system to boot into run level 3 by default:
>>>>>>
>>>>>> perl -p -i -e "s/^id:5:initdefault:/id:3:initdefault:/g" /etc/inittab
>>>>>>
>>>>>> The when SE Linux execute MLS Policy instead of targeted, the system boots
>>>>>> always in runlevel3 mode?
>>>>>>
>>>>>> I would like to run PostgreSQL DBMS based on MLS security policy.
>>>>>> But when the system boot in runlevel 3, I have som problems.
>>>>>>
>>>>>> Is there any Idea that I come back to previous run level?
>>>>>> How ever when I did it, my screen was blinking, then I have nothing(black screen).
>>>>>>
>>>>>> The system is Fedora 14, I have just installed selinux-policy-mls-3.9.7-38.fc14.noarch.rpm.
>>>>>>
>>>>>> Regards,
>>>>>> Flora
>>>
>>>>> You can run at Higher Runlevels the Runlevel 3 in Fedora. We only
>>>>> support Runlevel 3 in RHEL. (Server only mode).
>>>>>
>>>>> mls policy should mostly work on a desktop environment.
>>>> You might want to try to boot with
>>>>
>>>> enforcing=0
>>>>
>>>> on the kernel line.
>>>
>>> I try it on fedora 14, wothout succes, the X was killed /I'm using
>>> proprietary nvidia drv/, crontabs not working, etc.
>>
>> I would boot in permissive mode and send us the audit.log.
>
>
>
> Yes, of course, I attache it. If You need, I've got the dmesg output too, but it's 72KB.
>
> Üdvözlettel:
> Fonya
>
> Küldetésem ösztönözni az ütemes akció-rádiuszt.
> PGP key ID F86614E5, GPG key ID 83AD9365
You are logging into the system as user_t, which is a non privledged
user and then trying to do administration. You want to setup your
account to login as staff_t and then newrole to sysadm_t or setup sudo
to automatically transition you to sysadm_t. Then you can do your admin
functions as sysadm_t.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2oRXEACgkQrlYvE4MpobOKhQCgho2bFOzc8u8brbWeMLeXbce8
i2sAoJQHtxFviG4Et/zJdYzy45jxRVka
=E2mB
-----END PGP SIGNATURE-----
More information about the selinux
mailing list