Thanks Stephen, I think it is policy related, I'm too new to this so I better find some time to read the selinux notebook and learn about policies before asking stupid questions, anything you recommend?
2013/2/19 Stephen Smalley <sds@xxxxxxxxxxxxx>
On 02/17/2013 01:43 AM, Brian Iván Martínez wrote:You don't need it in fstab because systemd calls libselinux selinux_init_load_policy() which will automatically try to mount selinuxfs on /sys/fs/selinux first, and then fall back to /selinux if that directory does not exist (which would be the case on older kernels).
Thanks for the help, I found the fedora package for policycoreutils and
copied the unit file to make the daemon run in every boot, you said it
wasn't necessary but it would be nice to have working everything I can
and even if I have the time and energy after this getting the gui tools
too. Anyway, I've downloaded the selinux notebook and the first thing I
notice is the change in the directories so I'm running thinking selinux
was in /selinux and no it isn't, should I erase the entry in the fstab
or should I change it to point to /sys/fs/selinux?. Another thing is, I
installed an old policy wich is sysvinit compatible but now I can't boot
in enforcing because it complains about not finding /dev/shm to boot (in
permissive is fine), in the IRC one guy helped me (I'm really sorry, I
forgot the username) and said it could be a policy issue so I should
install a new one either from Fedora's lates packages or from Tresys and
then try to create one based on those. My question is, could that be the
issue or should I search somewhere else?
Updating to a recent policy certainly wouldn't hurt. But for policy issues, you should:
a) post your actual denials,
b) take your questions to the refpolicy list,
http://oss.tresys.com/mailman/listinfo/refpolicy
--
Ellos se ríen de mi por que soy diferente, yo me río de ellos por que todos son iguales-- J. Davis
