Bob Gustafson wrote:
snip
----- I do have a few questions though - some may be OT -----
Yum must have a different header cache as the command line below refetched a lot of header files. The sources file for my up2date contains 'yum' lines - why is it not the same cache.
yes, different designs and history. yum cache is /var/cache/yum/. up2date is /var/spool/up2date/.
[root@hoho2 user1]# yum install setools*
you usually need to escape the * ...setools\*
snip
The sound card thing may be independent of SELinux but related to whether you did a fresh install or just did updates.
Seems to be a problem with the sound card stuff - even though it is not enforcing at the moment. It worked before SELinux.
--- Note that it really is enforcing ---
[user1@hoho2 user1]$ od -c /selinux/enforce 0000000 1 0000001 [user1@hoho2 user1]$
--- However the /etc/sysconfig/selinux file still says 'disabled'
[root@hoho2 user1]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcinfg - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled [root@hoho2 user1]# date Tue May 4 20:35:31 CDT 2004 [root@hoho2 user1]#
(Note typo in the enforcing line of this file)
Maybe the grub kernel line overrides whatever is in this file? Perhaps the information in this file controls the boot situation when there is no additional boot grub parameter?
Yes, the kernel line overrides the /etc/sysconfig/selinux. Correct on the second part also.
up2date does not work with enforcing=1
I haven't tried up2date in a while. Yum works for me in enforcing mode.
I noticed that there were a bunch more update files available, so I installed all (including the 349 kernel), and then rebooted with enforcing=1
with the 349 kernel check if you are actually "enforcing" with the getenforce command(or cat /selinux/enforce). Change on the fly with setenforce [0|1].
HTH Richard Hally