-----Original Message----- From: fedora-selinux-list-bounces@redhat.com [mailto:fedora-selinux-list-bounces@redhat.com] On Behalf Of Gene Czarcinski Sent: Thursday, March 25, 2004 5:13 PM To: fedora-selinux-list@redhat.com Subject: Re: How to start using selinux?
On Thursday 25 March 2004 14:09, Richard Hally wrote:
Here are a couple of links to HOWTOs
https://sourceforge.net/docman/display_doc.php?docid=20372&group_id=2126...
https://sourceforge.net/docman/display_doc.php?docid=21959&group_id=2126...
Thanks. There are good but ..
What I am looking for is something a bit more "cook bookish". Since the default (current snapshot of FC2 development) is to install with selinux
set
to enforcing, I am expecting the system to come up (it does not) and then some "cook book" instructions on setting things up so I can begin plying
with
things. Right now if I bootup with selinux set to enforcing, I cannot do anything .. even login.
The recommended way to start off is in permissive mode. Kernel ...253.2.1 does not start in enforcing mode automatically by default.
I was hoping to see something with selinux running where I could then work (play) with the system to understand selinux configuration and usage.
One thing you can do is duplicate the lines in grub for a particular kernel and add ENFORCING to the title and enforcing=1 to the end of the kernel line. That way you can start off in either mode.
The way to see which mode is to "cat /selinux/enforce" 0 is permissive. To change to enforcing while running "echo 1 > /selinux/enforce".
Right now, booting up in single user mode is my most useful too since that
is
the only way I have found to get out of enforcing mode.
<snip>
Richard Hally
selinux@lists.fedoraproject.org
-
Richard Hally