Where can I find SELinux knowledge
Thomas Cameron
thomas.cameron at camerontech.com
Fri Aug 15 20:56:04 UTC 2014
On 08/15/2014 12:45 PM, Rick Stevens wrote:
> On 08/15/2014 07:40 AM, Robert Moskowitz issued this missive:
>> The setup is armv7 (Allwinner A20 based Cubieboard)
>> F19 remix kernel
>> Redsleeve EL6
>>
>> SELinux is coming up disabled, and I can't figure out what is needed.
>> And no help on the Redsleeve list, as its heritage is armv5 and the
>> kernels for them do not seem to have SElinux support, so no experience
>> with enabling it.
>
> Uhm, edit /etc/selinux/config and make sure you have
>
> SELINUX=enforcing
>
> set and then reboot?
Don't do that. Set it to permissive, touch /.autorelabel and reboot.
It'll relabel the filesystem and you can check the logs for any obvious
problems.
Better to read the slides and watch the video mentioned below.
>> Of course there is the 'age' mismatch of F19 kernel and EL6, don't know
>> if that is an issue.
>
> Uhm, it may. It depends on if the SELinux rulesets are compatible. I
> think you'll be OK as long as you have current selinux-policy* and
> libselinux-* RPMs installed.
>
>> Centos7 for arm is aways off, so for now production is RSEL.
>> And F21 is also aways off and F20 is a remix; I AM working with it for
>> some cases.
Check out SELinux for Mere Mortals from Summit 2014 at
http://people.redhat.com/tcameron/
Also maybe https://www.youtube.com/watch?v=MxjenQ31b70
Hope this helps!
Thomas Cameron
More information about the users
mailing list