On Wed, 7 Jul 2004, Stephen Smalley wrote:
On Wed, 2004-07-07 at 15:38, Kirk Vogelsang wrote:
I've got slimmed down Fedora Core2 that doesn't seem to want to enable selinux after rpm -U'ing the following packages:
policycoreutils-1.14.1-1 selinux-policy-strict-1.14.1-2 libselinux-1.14.1-1
After upgrading to those packages, booting to single user, running fixfiles relabel, and rebooting once more, the system comes up selinux disabled. I've verified /etc/selinux/config SELINUX=permissive and SELINUXTYPE=strict. /etc/sysconfig/selinux sym-links to /etc/selinux/config. Policy resides in /etc/selinux/strict/policy/. Stock FC2 kernel, 2.6.5-1.358smp. I've tried appending selinux in grub as well, to no avail.
What minute detail am I missing?
Update to the latest SysVinit package from the development tree. There are also other relevant packages, e.g. usermode.
That did it, thanx.
Having a problem w/ sudo now however:
$ rpm -q selinux-policy-strict sudo selinux-policy-strict-1.14.1-2 sudo-1.6.7p5-27 $ id uid=600(admin) gid=600(admin) groups=10(wheel),600(admin) context=user_u:user_r:user_t $ sudo sh sudo: unable to exec /usr/sbin/sesh: Permission denied $ dmesg audit(1089381994.953:0): avc: denied { execute_no_trans } for pid=845 exe=/usr/bin/sudo path=/usr/sbin/sesh dev=sda3 ino=32091 scontext=user_u:user_r:user_sudo_t tcontext=system_u:object_r:shell_exec_t tclass=file
I receive the same results if running in staff_r or sysadm_r as well.
----- Kirk M. Vogelsang kvogelsa@ccs.neu.edu Northeastern University College of Computer Science