Peter Joseph wrote:
>While experimenting with SELinux, I finally managed to lock myself out of
the
system. The only way to get back in, I had >to add "selinux=0" to the
end of the kernel line.
>Now, if I run in a permissive mode the following message appears
when I
try to log in:
>"Could not connect to session bus: An SELinux policy prevents this sender
from sending this message to this recipient >(rejected message had sender
"(unset)" interface "org.freedesktop.DBus" member "Hello"
error name
"(unset)" destination >"org.freedesktop.DBus)."
>I am forced to go back to the grub prompt and disable SELinux again, in
order to
get in. What is the best way to reset >SEL to its original state?
Problem solved.
Appending selinux=0 to the end of the kernel line enabled me to get back
into the system, however, I found no way of working with SELinux on account
of it being disabled.
Appending unconfined_login = 1 instead, brought me to a root prompt with
SELinux enabled.
Used the following to check and restore:
# getsebool unconfined_login
unconfined_login --> off
# setsebool -P unconfined_login=1
# getsebool unconfined_login
unconfined_login --> on
# poweroff
One thing though, the "unconfined_login = 1" added to the kernel line has to
contain a space before and after the equal sign.
--
View this message in context:
http://www.nabble.com/SELinux-Reset-tp24855587p24905702.html
Sent from the Fedora SELinux List mailing list archive at
Nabble.com.