Re: [Fedora] Re: SELinux Attack!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Alan M. Evans wrote:

On Fri, 2007-10-12 at 12:09 -0600, Karl Larsen wrote:
Well I used the edit mode at /etc/sysconfig/selinux and there was nothing to do. It says that it is in the disabled mode but it isn't. Where else can I look? All the things on the gui say that selinux is turned off because I did that 4 times. But dmesg says that my computer is coming up in the passive mode. There MUST be a way to stop this :-( 

At the point you see

        SELinux:  Initializing.
        SELinux:  Starting in permissive mode

the kernel has barely detected the CPU, memory, and system bus. Of
course it has to start up in some mode before it's able to read the
config file. Search further down and you will see 
        SELinux:  Disabled at runtime.

I'm not absolutely certain, but I'd guess that this is still long before
CUPS starts.



Well this is what I saw and thought it was accurate:

     .text : 0xc0400000 - 0xc060f3a8   (2108 kB)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
SLUB: Genslabs=22, HWalign=64, Order=0-1, MinObjects=4, CPUs=1, Nodes=1
Calibrating delay using timer specific routine.. 3618.46 BogoMIPS (lpj=1809234) 
Security Framework v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary
Mount-cache hash table entries: 512

The next place I see selinux it says:

VFS: Disk quotas dquot_6.5.1
Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
SELinux:  Registering netfilter hooks
ksign: Installing public key data


OK! I found it. And it says selinux is off:

EXT3-fs: mounted filesystem with ordered data mode.
SELinux:  Disabled at runtime.
SELinux:  Unregistering netfilter hooks
audit(1192181814.563:2): selinux=0 auid=4294967295
Thank you! Others of course claim I do not listen to them. But that is not the case. I listen and when what they are wrong I may just not write anything. 




--

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux