Selinux so badly corrupted machine can't start
Tony Nelson
tonynelson at georgeanelson.com
Tue Jun 19 14:56:42 UTC 2007
At 9:55 AM -0400 6/19/07, Daniel J Walsh wrote:
>Tony Nelson wrote:
>> At 9:39 AM +0930 6/19/07, Tim wrote:
>>
>>> Michael Wiktowy:
>>>
>>>>> Couldn't you just change your grub entry to include enforcing=0 at the
>>>>> boot menu without the Rescue CD step?
>>>>>
>>> Tony Nelson:
>>>
>>>> How would that create the file /.autorelabel? How would you plan to edit
>>>> grub.conf when the system won't boot due to SELinux labeling issues?
>>>>
>>> You don't have to edit the file, just add the parameters to the kernel
>>> line through the GRUB interface. SELinux isn't part of the equation
>>> until after GRUB has handed off to the OS.
>>>
>> ...
>>
>> OK, enquiring minds want to know those kernel parameters. Start with
>> "enforcing=0", and make it relabel -- but don't do a `touch /.autorelabel`
>> first.
>>
>Kernal parameters available
>
>enforcing=0 (Boots in permissive Mode)
>selinux=0 (Boots with SELinux disabled, will cause a relabel to happen
>next time you boot with SELinux enabled)
>autorelabel=1 (Does the same thing as touch /.autorelabel; reboot)
Thanks. How about adding that last one to
<http://danwalsh/livehournal.com/3144.html> ?
--
____________________________________________________________________
TonyN.:' <mailto:tonynelson at georgeanelson.com>
' <http://www.georgeanelson.com/>
More information about the users
mailing list