I have a number of testing systems installed with Fedora 14. They were installed with the minimal profile, have no 3rd party repositories or rpm's installed, are fully up-to-date, and were exhibiting some strange behavior with the corosync/pacemaker packages. The problems with corosync are a direct result of the system not respecting the /etc/sysconfog/selinux directives. I have attached some sessions below to show the errant behavior. Boot 1: [root@tiny ~]# uptime 08:30:43 up 0 min, 1 user, load average: 0.15, 0.06, 0.02 [root@tiny ~]# getenforce Enforcing [root@tiny ~]# more /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted Boot 2: [root@tiny ~]# uptime 08:33:01 up 0 min, 1 user, load average: 0.30, 0.06, 0.02 [root@tiny ~]# getenforce Enforcing [root@tiny ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted After a call to setenforce 0 [root@tiny ~]# getenforce Permissive As you can clearly see the SELINUX directive is being ignored during boot. I have had to move startup of the affected packages to /etc/rc.local after a call to setenforce 0. Cheers, Eric Warnke Research IT Group SUNY at Albany -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
