Problem Setting Policy To Enforcing Mode

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rahul Jain <erahul29@yahoo.com>
To: selinux@tycho.nsa.gov
Cc: justinmattock@gmail.com, sds@tycho.nsa.gov, dwalsh@redhat.com
Subject: Problem Setting Policy To Enforcing Mode
Date: Sat, 22 Nov 2008 03:09:20 -0800 (PST)	[thread overview]
Message-ID: <674101.15460.qm@web50212.mail.re2.yahoo.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 951 bytes --]

Thankyou all for your kind help.

Finally I was able to boot my policy. As suggested, I removed dontaudit rules from my policy by doing "make enableaudit". Then I did some quick fixes and was finally able to boot the policy. However I am still facing some issues:
Firstly - My syslog daemon takes too long to start almost 10 min. Please note my test systems are high end multiprocessor express servers with 8 GB of RAM.
Secondly: I am not able to come back to permissive mode, not even by login as sysadm_r role. My file system is read only and so I am not able to edit the /etc/selinux/config file. "setenforce" command temperoraly puts the policy in permissive mode but still config file could not be edited. I even tried it in linux single user mode, but the problem persists. Is it the property of the tresys reference policy or my policy is still not behaving properly?
I reallly appreciate your kind help

Thanks 
Rahul    

[-- Attachment #2: Type: text/html, Size: 1232 bytes --]

next             reply	other threads:[~2008-11-22 11:09 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-11-22 11:09 Rahul Jain [this message]
2008-11-22 17:18 ` Problem Setting Policy To Enforcing Mode Justin P. Mattock
2008-11-24 13:47 ` Stephen Smalley
  -- strict thread matches above, loose matches on Subject: below --
2008-11-24 17:37 Rahul Jain
2008-11-24 18:23 ` Justin P. Mattock
2008-11-21 14:59 Rahul Jain
2008-11-21 15:45 ` Justin P. Mattock
2008-11-21 18:37 ` Stephen Smalley
2008-11-21 19:41 ` Daniel J Walsh

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=674101.15460.qm@web50212.mail.re2.yahoo.com \
    --to=erahul29@yahoo.com \
    --cc=dwalsh@redhat.com \
    --cc=justinmattock@gmail.com \
    --cc=sds@tycho.nsa.gov \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.