MLS and back from runlevel 3
Szabo Akos
fonya at fatav.hu
Fri Apr 15 13:31:05 UTC 2011
Hi,
On Fri, 2011-04-15 at 09:17 -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/15/2011 09:07 AM, Szabo Akos wrote:
> > Hi,
> >
> > On Thu, Apr 14, 2011 at 11:26:28AM -0400, Daniel J Walsh wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> On 04/14/2011 10:50 AM, Szabo Akos wrote:
> >>> Hi,
> >>>
> >>> On Tue, 2011-04-12 at 08:59 +0200, mgrepl wrote:
> >>>>>> Hi 2 all,
> >>>>>>
> >>>>>> As the http://fedoraproject.org/wiki/SELinux/FedoraMLSHowto said:
> >>>>>>
> >>>>>>
> >>>>>> Configure the system to boot into run level 3 by default:
> >>>>>>
> >>>>>> perl -p -i -e "s/^id:5:initdefault:/id:3:initdefault:/g" /etc/inittab
> >>>>>>
> >>>>>> The when SE Linux execute MLS Policy instead of targeted, the system boots
> >>>>>> always in runlevel3 mode?
> >>>>>>
> >>>>>> I would like to run PostgreSQL DBMS based on MLS security policy.
> >>>>>> But when the system boot in runlevel 3, I have som problems.
> >>>>>>
> >>>>>> Is there any Idea that I come back to previous run level?
> >>>>>> How ever when I did it, my screen was blinking, then I have nothing(black screen).
> >>>>>>
> >>>>>> The system is Fedora 14, I have just installed selinux-policy-mls-3.9.7-38.fc14.noarch.rpm.
> >>>>>>
> >>>>>> Regards,
> >>>>>> Flora
> >>>
> >>>>> You can run at Higher Runlevels the Runlevel 3 in Fedora. We only
> >>>>> support Runlevel 3 in RHEL. (Server only mode).
> >>>>>
> >>>>> mls policy should mostly work on a desktop environment.
> >>>> You might want to try to boot with
> >>>>
> >>>> enforcing=0
> >>>>
> >>>> on the kernel line.
> >>>
> >>> I try it on fedora 14, wothout succes, the X was killed /I'm using
> >>> proprietary nvidia drv/, crontabs not working, etc.
> >>
> >> I would boot in permissive mode and send us the audit.log.
> >
> >
> >
> > Yes, of course, I attache it. If You need, I've got the dmesg output too, but it's 72KB.
> >
> > Üdvözlettel:
> > Fonya
> >
> > Küldetésem ösztönözni az ütemes akció-rádiuszt.
> > PGP key ID F86614E5, GPG key ID 83AD9365
>
>
> You are logging into the system as user_t, which is a non privledged
> user and then trying to do administration. You want to setup your
> account to login as staff_t and then newrole to sysadm_t or setup sudo
> to automatically transition you to sysadm_t. Then you can do your admin
> functions as sysadm_t.
No, I don't want to admin the system, but somehow I need to copy the
audit.log file :) /and starting auditd/.
Do You need another auditd log, when stating it with the system, and I
using my notebook, just a simple user?
--
Szabó Ákos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20110415/4f092772/attachment.bin
More information about the selinux
mailing list