Jim Cornette wrote:
Gene Heskett wrote:
Except that 4 reboots later I have not succeeded in getting the
relabel to work. I've tried SELINUX=disabled and SELINUX=permissive
in /etc/selinux/config while leaving the SELINUXTYPE=targeted setting.
So what actually is the magic incantation that will make this work?
Your method was ignored, and the manpages method is also being
ignored, or is wrong. ISTR the touch /.autorelabel did work once,
and the /.autorelabel was auto-removed, but is not now. It still
exists right now.
[root@diablo /]# ls -l /.autorelabel
-rw-r--r-- 1 root root 0 May 4 21:13 /.autorelabel
The most sure way for me to relabel the system was to boot with
selinux disabled and into runlevel 1. (Add selinux=0 1 to kernel
stanza by appending to grub boot line)
I then would run 'fixfiles relabel' and also get rid of the contents
of /tmp when prompted.
I would then reboot the system normally. A drawback is that the system
goes into another relabeling since selinux was disabled completely by
the above steps.
I have relabeled using touch /.autorelabel and also relabeled by
appending autorelabel to the grub stanza. For severe labeling
problems, the first choice seems to work best.
Another way to relabel is by changing the setting in
system-config-securitylevel. The system should relabel on reboot.
I've also done that too. So I guess I'll try to teleinit 1 and try that
method. selinux is disabled ATM. Back later.
Jim
--
Cheers, Gene
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
