Yeah, got it.
I have my params set to:
[root@hoho2 etc]# cat selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcinfg - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
Also just for good measure - my boot params are 'selinux=1 enforcing=0'
Would be nice if the routines parsing these values would holler out if
there are syntax errors (or manual mis-readings.., incorrect values, etc.)
On Mon, 28 Jun 2004 20:58:10 -0700, Tom London wrote:
Yeah, you don't want to set SELINUXTYPE to permissive. That
same as selecting the 'targeted' policy. (I guess, 'not strict').
(The comment in the config file says SELINUXTYPE can take one of two
values, targeted or strict).
To select permissive mode, you set SELINUX=permissive. For me, setting
SELINUX to permissive is the same as booting with 'enforcing=0'.