Re: selinux eradicator?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



on 6/28/2007 3:13 PM, Karl Larsen wrote:
> Matthew J. Roth wrote:
>> Karl Larsen wrote:
>>> This tells me that init is running a selinux demon and I know how to 
>>> stop that I think. I looked at /etc/rc.d/init.d/ but no selinux 
>>> switch. So I ask where in hell is it?
>>>
>>> [root@k5d init.d]# whereis selinux
>>> selinux: /etc/selinux /usr/include/selinux /usr/share/selinux 
>>> /usr/share/man/man8/selinux.8.gz
>>> [root@k5d init.d]#
>>>
>>> So there is some reading that needs doing.
>> Karl,
>>
>> The SELinux settings are contained in "/etc/sysconfig/selinux".  I 
>> have SELinux disabled, and the file looks like this:
>>
>> [root@server ~]# cat /etc/sysconfig/selinux
>> # This file controls the state of SELinux on the system.
>> # SELINUX= can take one of these three values:
>> #       enforcing - SELinux security policy is enforced.
>> #       permissive - SELinux prints warnings instead of enforcing.
>> #       disabled - SELinux is fully disabled.
>> SELINUX=disabled
>> # SELINUXTYPE= type of policy in use. Possible values are:
>> #       targeted - Only targeted network daemons are protected.
>> #       strict - Full SELinux protection.
>> SELINUXTYPE=targeted
>>
>> Note that any changes to this file require a reboot to take affect.  
>> "sestatus" can then be used to verify the change:
>>
>> [root@server ~]# sestatus
>> SELinux status:         disabled
>>
>> Matthew Roth
>> InterMedia Marketing Solutions
>> Software Engineer and Systems Developer
>>
> Boy! What a gold mine of information! No reason for anyone to complain 
> about selinux any more. I did what is above and it was easy with the joe 
> editor. But I need to set it to put the original in /tmp/ :-)    I'm 
> tired of rm *~ which works but geeze.
> 
> Then a reboot and a test:
> 
> [root@k5d ~]# sestatus
> SELinux status:                 disabled
> [root@k5d ~]#
> 
> So I can't complain about it again. It sure was a lot less obvious in FC4.
> 
> Karl
> 


Good for you!!!!

What you just did was something like:

Build a house.
Put everything valuable that you own into it.
Disable all of the locks.
Open all of the windows and doors.

And then walk away.

Makes it really easy for the 'bad guys' to steal, or break, your stuff.
Like that guy at the University that you mentioned earlier.

-- 

  David




Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux