* booting selinux rh9
@ 2003-09-15 11:47 Jason
2003-09-15 13:25 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: Jason @ 2003-09-15 11:47 UTC (permalink / raw)
To: selinux; +Cc: Russell Coker
Guys,
I have been having a great time setting up selinux the latest 2.4.21-selinux1
version on rh9.
However, once again, I cannot get past a certain problem, at login time after
rebooting, I try to login as root, and it says it cannot determine a security
context for me, and do I wish to specify one. I say y (which is default), I
type sysadm_r and type of sysadm_t (I also tried the user_r and user_t as
well), and it responds with invalid security context, and I try again.
So I reboot into selinux single mode, and this is ok, I check the the
selinuxfs has been mounted (of which it has) and all the directories seem to
be there. As a note, my context at this point is kernel_t.
Does anyone know what I might have done wrong?
I also believe that the initrd I created using the one supplied with the
patched differences in the download from nsa creates a valid linuxrc file of
which I have checked, but are you supposed to see the output of the initrd's
echo statements at boot time, because I dont? ( ie : echo Loading Policy)
Cheers
and thanx in advance
Jason
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: booting selinux rh9
2003-09-15 11:47 booting selinux rh9 Jason
@ 2003-09-15 13:25 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2003-09-15 13:25 UTC (permalink / raw)
To: Jason; +Cc: selinux, Russell Coker
On Mon, 2003-09-15 at 07:47, Jason wrote:
> However, once again, I cannot get past a certain problem, at login time after
> rebooting, I try to login as root, and it says it cannot determine a security
> context for me, and do I wish to specify one. I say y (which is default), I
> type sysadm_r and type of sysadm_t (I also tried the user_r and user_t as
> well), and it responds with invalid security context, and I try again.
This implies that the policy wasn't loaded or doesn't contain an entry
for root.
> So I reboot into selinux single mode, and this is ok, I check the the
> selinuxfs has been mounted (of which it has) and all the directories seem to
> be there. As a note, my context at this point is kernel_t.
system_u:system_r:kernel_t or just 'kernel'?
> Does anyone know what I might have done wrong?
> I also believe that the initrd I created using the one supplied with the
> patched differences in the download from nsa creates a valid linuxrc file of
> which I have checked, but are you supposed to see the output of the initrd's
> echo statements at boot time, because I dont? ( ie : echo Loading Policy)
You should see messages from the kernel like:
VFS: Mounted root (ext2 filesystem).
security: 4 users, 5 roles, 274 types
security: 30 classes, 13949 rules
SELinux: Completing initialization.
SELinux: Setting up existing superblocks.
SELinux: initialized (dev , type selinuxfs), uses genfs_contexts
SELinux: initialized (dev ram0, type ext2), uses xattr
...
--
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-09-15 13:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-09-15 11:47 booting selinux rh9 Jason
2003-09-15 13:25 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.