Re: SELinux Reset

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Peter Joseph wrote:
> 
>>While experimenting with SELinux, I finally managed to lock myself out of
the system.  The only way to get back in, I had >to add "selinux=0" to the
end of the kernel line.
>>Now, if I run in a permissive mode the following message appears when I
try to log in:
> 
>>"Could not connect to session bus: An SELinux policy prevents this sender
from sending this message to this recipient >(rejected message had sender
"(unset)" interface "org.freedesktop.DBus" member "Hello" error name
"(unset)" destination >"org.freedesktop.DBus)."
> 
>>I am forced to go back to the grub prompt and disable SELinux again, in
order to get in.  What is the best way to reset >SEL to its original state?
> 

Problem solved.

Appending selinux=0 to the end of the kernel line enabled me to get back
into the system, however, I found no way of working with SELinux on account
of it being disabled.
Appending unconfined_login = 1 instead, brought me to a root prompt with
SELinux enabled.
Used the following to check and restore:

# getsebool unconfined_login
  unconfined_login --> off

# setsebool -P unconfined_login=1

# getsebool unconfined_login
  unconfined_login --> on

# poweroff

One thing though, the "unconfined_login = 1" added to the kernel line has to
contain a space before and after the equal sign. 


-- 
View this message in context: http://www.nabble.com/SELinux-Reset-tp24855587p24905702.html
Sent from the Fedora SELinux List mailing list archive at Nabble.com.

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux