prakash hallalli wrote: > Hi > I have followed the same steps what you are given the information to change > the libc.so.6 file label. Now user will be able to login to the system it > not showing any error message while login time. But still i am not able do > system restart services. Now it showing error message is unrecognized > service. > > I have received the following error messages. > > [root@turtle11 ~]# sestatus > SELinux status: enabled > SELinuxfs mount: /selinux > Current mode: permissive > Mode from config file: enforcing > Policy version: 21 > Policy from config file: mls > > [root@turtle11 ~]# service nfs restart > Shutting down NFS mountd: [ OK ] > Shutting down NFS daemon: [ OK ] > Shutting down NFS quotas: [ OK ] > Shutting down NFS services: [ OK ] > Starting NFS services: [ OK ] > Starting NFS quotas: [ OK ] > Starting NFS daemon: [ OK ] > Starting NFS mountd: [ OK ] > > [root@turtle11 ~]# setenforce 1 > [root@turtle11 ~]# sestatus > SELinux status: enabled > SELinuxfs mount: /selinux > Current mode: enforcing > Mode from config file: enforcing > Policy version: 21 > Policy from config file: mls > > [root@turtle11 ~]# service nfs restart > nfs: unrecognized service > > [root@turtle11 ~]# service ldap restart > ldap: unrecognized service > > [root@turtle11 ~]# service samba restart > samba: unrecognized service > > [root@turtle11 ~]# service named restart > named: unrecognized service > [root@turtle11 ~]# > > Please help me, what should i do. > > Thanks, > prakash > > > > > > > On Tue, Jun 10, 2008 at 5:37 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > >> On Tue, 2008-06-10 at 17:14 +0530, prakash hallalli wrote: >>> Hi All >>> >>> I have configured SELinux on ContOS 5.1. I have configured the RBAC >>> using MLS (Multilevel Security) Policy. >>> Now i am trying to restart the system services and they are not >>> restarting and it is throwing some error message. >>> I have a question here, with mls policy enabled will i be able to >>> restart the system service? If yes then what to do and If no what is >>> the reason? >>> >>> Steps to reproduce: >>> >>> 1) MLS Policy configuration. >>> >>> 1. Install selinux-policy-mls >>> 2. Set SELINUXTYPE=MLS in /etc/selinux/config file >>> 3. touch ./autorelabel; on root's home directory, and reboot the >>> machine. >>> 4. While machine is rebooting, change the GRUB parameter. >>> enforcing=0 >>> >>> 2) Now system is in permissive mode and SELinux status is as follows. >>> >>> # sestatus >>> SELinux status: enabled >>> SELinuxfs mount: /selinux >>> Current mode: permissive >>> Mode from config file: enforcing >>> Policy version: 21 >>> policy from config file: mls >>> >>> 3) Restart the system services and they restart successfully. >>> >>> [root@turtle11 ~]# service nfs restart >>> Shutting down NFS mountd: [FAILED] >>> Shutting down NFS daemon: [FAILED] >>> Shutting down NFS quotas: [FAILED] >>> Shutting down NFS services: [FAILED] >>> Starting NFS services: [ >>> OK ] >>> Starting NFS quotas: [ >>> OK ] >>> Starting NFS daemon: [ >>> OK ] >>> Starting NFS mountd: [ >>> OK ] >>> >>> 4) Now i am setting enforcing mode using setenforce command. >>> >>> root@turtle11 ~]#setenforce 1 >>> root@turtle11 ~]# sestatus >>> SELinux status: enabled >>> SELinuxfs mount: /selinux >>> Current mode: enforcing >>> Mode from config file: enforcing >>> Policy version: 21 >>> Policy from config file: mls >>> >>> 5) a) Now system is in enforcing mode and i am trying to restart the >>> system service. The restart will result in error message. >>> >>> root@turtle11 ~]#service nfs restart >>> /sbin/consoletype: error while loading shared libraries: libc.so.6: >>> cannot open shared object file: No such file or directory >>> /sbin/consoletype: error while loading shared libraries: libc.so.6: >>> cannot open shared object file: No such file or directory >> This suggests that libc.so.6 has the wrong label. In older versions of >> the policy, this was a difference between targeted and strict/mls >> policies. Boot in single-user mode and run fixfiles -F relabel. >> >>> nfs: unrecognized service >>> >>> b) When I trying to login it will show the following error. >>> >>> turtle login: smbldap3 >>> /bin/login:error while loading shared libraries: libcrypt.so.1:failed >>> to map segment from shared object: Permission denied >>> /sbin/mingetty: error while loading shared libraries: libc.so.6: >>> failed to map segment from shared object: Permission denied >>> >>> c) When using su command. >>> >>> root@turtle11 ~]# su smbldap3 >>> su: error while loading shared libraries: libpam.so.0: failed to map >>> segment from shared object: Permission denied >>> >>> I am not sure what is going on. I referred to many websites and PDFs >>> but couldn't get the proper solution. >>> >>> please help me. >>> >>> Thanks >>> Prakash. >>> >>> >>> -- >>> fedora-selinux-list mailing list >>> fedora-selinux-list@xxxxxxxxxx >>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list >> -- >> Stephen Smalley >> National Security Agency >> >> > > > ------------------------------------------------------------------------ > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Try # run_init service nfs restart -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
