sellinux line command
Paul Howarth
paul at city-fan.org
Mon Oct 2 07:43:38 UTC 2006
On Mon, 2006-10-02 at 00:13 -0700, Fred J. wrote:
> Hi
> while following the stops to install JRE as per
> http://stanton-finley.net/fedora_core_5_installation_notes.html
>
>
> the instruction which says:
> If you have not already done so go to "System" > "Administration" >
> "Security Level and Firewall". Enter your root password and click
> "ok". On the "SELinux" tab click on "Modify SELinux Policy", click on
> "Compatibility" to open it and tick the check box next to "Allow the
> use of shared libraries with Text Relocation". Click "ok". Reboot your
> machine to implement the new SELinux policy.
>
> I don't have kde or gnome and neither of the following seams to match
> what the article is talking about.
> # system-config-securitylevel
> # system-config-securitylevel-tui
This action sets the allow_execmod SELinux boolean. You could do that
from the command line without using system-config-securitylevel as
follows:
# setsebool -P allow_execmod 1
There is no need to reboot after doing this.
However, this is not the best way of solving the problem, as it relaxes
security much more than necessary. A better way would be to set the
SElinux context type of the java libraries to textrel_shlib_t, which
would have the same effect but only for those particular libraries.
Paul.
More information about the selinux
mailing list