Peter Joseph wrote: > >>While experimenting with SELinux, I finally managed to lock myself out of the system. The only way to get back in, I had >to add "selinux=0" to the end of the kernel line. >>Now, if I run in a permissive mode the following message appears when I try to log in: > >>"Could not connect to session bus: An SELinux policy prevents this sender from sending this message to this recipient >(rejected message had sender "(unset)" interface "org.freedesktop.DBus" member "Hello" error name "(unset)" destination >"org.freedesktop.DBus)." > >>I am forced to go back to the grub prompt and disable SELinux again, in order to get in. What is the best way to reset >SEL to its original state? > Problem solved. Appending selinux=0 to the end of the kernel line enabled me to get back into the system, however, I found no way of working with SELinux on account of it being disabled. Appending unconfined_login = 1 instead, brought me to a root prompt with SELinux enabled. Used the following to check and restore: # getsebool unconfined_login unconfined_login --> off # setsebool -P unconfined_login=1 # getsebool unconfined_login unconfined_login --> on # poweroff One thing though, the "unconfined_login = 1" added to the kernel line has to contain a space before and after the equal sign. -- View this message in context: http://www.nabble.com/SELinux-Reset-tp24855587p24905702.html Sent from the Fedora SELinux List mailing list archive at Nabble.com. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
