SE alert

jd1008 jd1008 at gmail.com
Tue Jul 21 22:36:43 UTC 2015



On 07/21/2015 06:49 AM, Daniel J Walsh wrote:
> On 07/20/2015 03:49 PM, jd1008 wrote:
>>
>> On 07/20/2015 01:42 PM, Martin Cigorraga wrote:
>>> Hi,
>>>
>>> ~ getenforce
>>> Enforcing
>>>
>>> Please be aware that setenforce will only change the mode SELinux is
>>> running in. For a permanent change, you have to edit the
>>> configuration file.
>>>
>> I already stated that /etc/sysconfig/selinux says (and did say when my
>> system was in permissive mode):
>>
>> #
>> $ sudo cat /etc/sysconfig/selinux
>>
>> # This file controls the state of SELinux on the system.
>> # SELINUX= can take one of these three values:
>> #     enforcing - SELinux security policy is enforced.
>> #     permissive - SELinux prints warnings instead of enforcing.
>> #     disabled - No SELinux policy is loaded.
>> SELINUX=enforcing
>> # SELINUXTYPE= can take one of these two values:
>> #     targeted - Targeted processes are protected,
>> #     minimum - Modification of targeted policy. Only selected
>> processes are protected.
>> #     mls - Multi Level Security protection.
>> SELINUXTYPE=targeted
>>
>> Thus going into permissive mode was not done by me.
>> As I also stated, this is a fresh install since mid-day, yesterday,
>> with only yum update bringing in new versions of packages.
>>
>>
> You can just run
>
> # restorecon -R -v /
>
>  From the booted machine.
After running the command, and rebooting, I am still
getting 14 alerts.
2 of them caused by lightdm: one for append access and the other for 
write access.
12 of them are cause by python 2.7; one of which is for execute access 
and the rest
are for write access.




More information about the users mailing list