Re: Unable to activate SELinux (on RHEL 6.2)

Hi all, I'm having trouble to active SELinux on our RHEL 6 Linux system. We have some sort of special installation framework (cobbler and puppet) and initially disabled SELinux (which is fine) [output from Kickstart] ... selinux --disabled ... %packages --excludedocs --nobase kernel yum openssh-server openssh-clients audit logrotate tmpwatch vixie-cron crontabs ksh ntp perl bind-utils sudo which sendmail wget redhat-lsb rsync authconfig lsof unzip sharutils logwatch libacl nfs-utils lcsetup -firstboot -tftp-server -system-config-soundcard -libselinux-python -selinux-policy -libselinux-utils -selinux-policy-targeted ... But for some high Security Risk systems, it's required to turn it on anyway. So I followed the guidance on: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Securi ty-Enhanced_Linux/sect-Security-Enhanced_Linux-Working_with_SELinux-Enab ling_and_Disabling_SELinux.html to enable SELinux again on these systems Unfortunately does the system not initiate SELinux correctly nor do I see any hint where the problem is: tgl90a-8401 root:/etc/init $ sestatus SELinux status: disabled tgl90a-8401 root:/etc/init $ cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted The only thing I can see is: tgl90a-8401 root:/etc/init $ cat /var/log/messages Jun 13 13:41:30 tgl90a-8401 kernel: SELinux: Initializing. Does anybody know if I need additional packages on the system or any special setting set? If tried "permissive" mode with /.autorelable - which didn't work either I also installed @Base Group to ensure nothing is missing - but still the same result I've tried it with the same setup on RHEL 5 which perfectly worked - but not on RHEL 6! So I'm really looking forward to get some hints/tips Thanks and all the best, Si -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/YioAACgkQrlYvE4MpobMTLACfRNVKTiMaNIdP0R4KeS59srbl nUkAoOXefWtKyw+Dciq1Yt1N2hmQdr2Y =dNZV -----END PGP SIGNATURE-----