I have followed the same steps what you are given the information to change the libc.so.6 file label. Now user will be able to login to the system it not showing any error message while login time. But still i am not able do system restart services. Now it showing error message is unrecognized service.
I have received the following error messages.
[root@turtle11 ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissiveSELinuxfs mount: /selinux
Mode from config file: enforcing
Policy version: 21
Policy from config file: mls
[root@turtle11 ~]# service nfs restart
Shutting down NFS mountd: [ OK ]Shutting down NFS daemon: [ OK ]
Shutting down NFS quotas: [ OK ]
Shutting down NFS services: [ OK ]
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
[root@turtle11 ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 21
Policy from config file: mls
[root@turtle11 ~]# service nfs restart
nfs: unrecognized service[root@turtle11 ~]# service ldap restart
ldap: unrecognized service
[root@turtle11 ~]# service samba restart
samba: unrecognized service
[root@turtle11 ~]# service named restart
named: unrecognized service
[root@turtle11 ~]#
Please help me, what should i do.
Thanks,
prakash
On Tue, Jun 10, 2008 at 5:37 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
This suggests that libc.so.6 has the wrong label. In older versions of
On Tue, 2008-06-10 at 17:14 +0530, prakash hallalli wrote:
> Hi All
>
> I have configured SELinux on ContOS 5.1. I have configured the RBAC
> using MLS (Multilevel Security) Policy.
> Now i am trying to restart the system services and they are not
> restarting and it is throwing some error message.
> I have a question here, with mls policy enabled will i be able to
> restart the system service? If yes then what to do and If no what is
> the reason?
>
> Steps to reproduce:
>
> 1) MLS Policy configuration.
>
> 1. Install selinux-policy-mls
> 2. Set SELINUXTYPE=MLS in /etc/selinux/config file
> 3. touch ./autorelabel; on root's home directory, and reboot the
> machine.
> 4. While machine is rebooting, change the GRUB parameter.
> enforcing=0
>
> 2) Now system is in permissive mode and SELinux status is as follows.
>
> # sestatus
> SELinux status: enabled
> SELinuxfs mount: /selinux
> Current mode: permissive
> Mode from config file: enforcing
> Policy version: 21
> policy from config file: mls
>
> 3) Restart the system services and they restart successfully.
>
> [root@turtle11 ~]# service nfs restart
> Shutting down NFS mountd: [FAILED]
> Shutting down NFS daemon: [FAILED]
> Shutting down NFS quotas: [FAILED]
> Shutting down NFS services: [FAILED]
> Starting NFS services: [
> OK ]
> Starting NFS quotas: [
> OK ]
> Starting NFS daemon: [
> OK ]
> Starting NFS mountd: [
> OK ]
>
> 4) Now i am setting enforcing mode using setenforce command.
>
> root@turtle11 ~]#setenforce 1
> root@turtle11 ~]# sestatus
> SELinux status: enabled
> SELinuxfs mount: /selinux
> Current mode: enforcing
> Mode from config file: enforcing
> Policy version: 21
> Policy from config file: mls
>
> 5) a) Now system is in enforcing mode and i am trying to restart the
> system service. The restart will result in error message.
>
> root@turtle11 ~]#service nfs restart
> /sbin/consoletype: error while loading shared libraries: libc.so.6:
> cannot open shared object file: No such file or directory
> /sbin/consoletype: error while loading shared libraries: libc.so.6:
> cannot open shared object file: No such file or directory
the policy, this was a difference between targeted and strict/mls
policies. Boot in single-user mode and run fixfiles -F relabel.
> --
> nfs: unrecognized service
>
> b) When I trying to login it will show the following error.
>
> turtle login: smbldap3
> /bin/login:error while loading shared libraries: libcrypt.so.1:failed
> to map segment from shared object: Permission denied
> /sbin/mingetty: error while loading shared libraries: libc.so.6:
> failed to map segment from shared object: Permission denied
>
> c) When using su command.
>
> root@turtle11 ~]# su smbldap3
> su: error while loading shared libraries: libpam.so.0: failed to map
> segment from shared object: Permission denied
>
> I am not sure what is going on. I referred to many websites and PDFs
> but couldn't get the proper solution.
>
> please help me.
>
> Thanks
> Prakash.
>
>
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
Stephen Smalley
National Security Agency
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
