Hello All, Francesco Ranieri wrote: > > Do you know selinux ? I read that "context=system_u:system_r:initrc_t" > and i suppose it belongs to selinux, if you know what selinux is you > can try to disable it and see if on reboot the original squid script > works. If you don't know selinux, i suppose you can disable it > changing the file /etc/sysconfig/selinux or /etc/selinux/config. If > you don't find these files try an "updatedb && locate selinux". If > those files exist change the "SELINUX=enforcing" variable setting and > reboot. To check if selinux is enabled you can try also with > "selinuxenabled;echo $?" if it returns 0 it's enabled. If you want to > use selinux i suppose you'll have to modify the policies. > > Best Regards > Francesco Ranieri I think I have finally made a breakthrough thanks to Francesco. Changing "SELINUX=enforcing" to "SELINUX=permissive" (displays warnings instead of blocking) now allows squid to launch squidGuard at boot! I haven't yet tested it fully but it does at least start the processes. (I now have to go back and undo all the things I did when testing it and try it from a standard set-up - groan). Does anyone here know SELinux? I would like - eventually - to be able to have it running with SELinux enabled. If someone could help me with this (or point me to someone who can) then I will volunteer to write a How-To for other users of squidGuard with Fedora Core 4+ (where SELinux is enabled by default). I still have much testing and set-up to do - so I am not finished yet - but I would like to take this opportunity to thank everyone on these two lists for all their help. Even after a couple of years of using Linux I am still impressed by the unstinting devotion of the community, and its members' willingness to give of their time and knowledge so freely to help others. Thank You. Mark
Attachment:
signature.asc
Description: OpenPGP digital signature
