Re: Has the boot param syntax/semantics changed?

------------------------------------------------------------------------ * /From/: Bob Gustafson <bobgus rcn com> ------------------------------------------------------------------------ [root hoho2 user1]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcinfg - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. #SELINUX=disabled SELINUX=enforcing SELINUXTYPE=strict POLICYTYPE=strict [root hoho2 user1]# Then I changed the /etc/selinux/config to the version shown below and rebooted. I got far less messages, and I was even able to go to root when clicking on gnome applications that required higher priority (with above config contents, whatever I typed was not enough, gnome kept coming back for more) [root hoho2 user1]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcinfg - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. #SELINUX=disabled SELINUX=enforcing #SELINUXTYPE=strict SELINUXTYPE=permissive POLICYTYPE=strict [root hoho2 user1]# My assumption has been that the boot parameters override the contents of the /etc/selinux/config file, and that the boot param 'enforcing=0' will make the selinux a permissive one. Have these assumptions changed?