[Fedora] Re: SELinux Attack!
Karl Larsen
k5di at zianet.com
Fri Oct 12 18:50:29 UTC 2007
Ashley M. Kirchner wrote:
> Karl Larsen wrote:
>> Well it has been SELINUX=disabled for quite a while after I had the
>> problem, but when I read dmesg after reboot I still see
>> SELINUX=passive. So there is something not right yet.
>
> Do yourself a favor and scan for ALL SELinux messages in dmesg, not
> just the first occurrence you see:
>
> This is what it says on a server where I have it disabled:
>
> :~> grep SELinux /var/log/dmesg
> SELinux: Initializing.
> SELinux: Starting in permissive mode
> SELinux: Registering netfilter hooks
> SELinux: Disabled at runtime.
> SELinux: Unregistering netfilter hooks
>
> As you can see, yes SELinux does come up active, but then gets
> disabled further down into the boot sequence.
>
Yes exactly. and I like your knowlegable way of finding out. I am never
sure what grep wants to work. But yours works just fine and easier than
looking down the list.
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
More information about the users
mailing list