On Wed, 2010-02-17 at 13:34 -0500, Alan Rouse wrote: > Here's some info about the system now (booting successfully to desktop with selinux enabled) > > /etc/selinux/config: > SELINUX=permissive > SELINUXTYPE=refpolicy-standard > > /etc/dbus-1/system.conf contains: > <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include> > > var/log/messages does not have any AVC messages in it. > > sestatus -v: > SELinux status: enabled > SELinuxfs mount: /selinux > Current mode: permissive > Mode from config file: permissive > Policy version: 24 > Policy from config file: refpolicy-standard > > Process contexts: > Current context: system_u:system_r:kernel_t > Init context: system_u:system_r:kernel_t > /sbin/mingetty system_u:system_r:kernel_t > > File contexts: > Controlling term: system_u:object_r:devpts_t > /etc/passwd system_u:object_r:file_t > /etc/shadow system_u:object_r:file_t > /bin/bash system_u:object_r:file_t > /bin/login system_u:object_r:file_t > /bin/sh system_u:object_r:file_t -> system_u:object_r:file_t > /sbin/agetty system_u:object_r:file_t > /sbin/init system_u:object_r:file_t > /sbin/mingetty system_u:object_r:file_t > /usr/sbin/sshd system_u:object_r:file_t > /lib/libc.so.6 system_u:object_r:file_t -> system_u:object_r:file_t > /lib/ld-linux.so.2 system_u:object_r:file_t -> system_u:object_r:file_t Ok, so all of your processes are still running in kernel_t, and all of your files are labeled file_t. You need to label your filesystems and reboot. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
