If not, I suggest you reboot single-user mode, and then run 'fixfiles relabel'. You probably want fixfiles to clean out /tmp, so move/copy anything you need before running it.
tom ------------------------------------------------------------------------
* /From/: Richard Hally <rhally mindspring com> * /To/: fedora-selinux-list redhat com * /Subject/: enforcing mode problems * /Date/: Tue, 08 Jun 2004 22:43:44 -0400
------------------------------------------------------------------------
when running with the latest "strict" policy in enforcing mode, 'su -' does not work.
[richard new2 richard]$ su - Password: could not open session
(ctrl-alt-f1 to a console, switch to permissive)
[richard new2 richard]$ su - Password: [root new2 root]#
It works but does't ask if I want a different context.
When I went to the console it asked if I wanted a different context. Attached is the syslog messages file.
Please see the attached messages file for other "AVC denied" messages as well.
HTH Richard Hally
p.s. [root new2 root]# rpm -q selinux-policy-strict selinux-policy-strict-1.13.4-2
