SE alert
jd1008
jd1008 at gmail.com
Tue Jul 21 22:36:43 UTC 2015
On 07/21/2015 06:49 AM, Daniel J Walsh wrote:
> On 07/20/2015 03:49 PM, jd1008 wrote:
>>
>> On 07/20/2015 01:42 PM, Martin Cigorraga wrote:
>>> Hi,
>>>
>>> ~ getenforce
>>> Enforcing
>>>
>>> Please be aware that setenforce will only change the mode SELinux is
>>> running in. For a permanent change, you have to edit the
>>> configuration file.
>>>
>> I already stated that /etc/sysconfig/selinux says (and did say when my
>> system was in permissive mode):
>>
>> #
>> $ sudo cat /etc/sysconfig/selinux
>>
>> # This file controls the state of SELinux on the system.
>> # SELINUX= can take one of these three values:
>> # enforcing - SELinux security policy is enforced.
>> # permissive - SELinux prints warnings instead of enforcing.
>> # disabled - No SELinux policy is loaded.
>> SELINUX=enforcing
>> # SELINUXTYPE= can take one of these two values:
>> # targeted - Targeted processes are protected,
>> # minimum - Modification of targeted policy. Only selected
>> processes are protected.
>> # mls - Multi Level Security protection.
>> SELINUXTYPE=targeted
>>
>> Thus going into permissive mode was not done by me.
>> As I also stated, this is a fresh install since mid-day, yesterday,
>> with only yum update bringing in new versions of packages.
>>
>>
> You can just run
>
> # restorecon -R -v /
>
> From the booted machine.
After running the command, and rebooting, I am still
getting 14 alerts.
2 of them caused by lightdm: one for append access and the other for
write access.
12 of them are cause by python 2.7; one of which is for execute access
and the rest
are for write access.
More information about the users
mailing list