05-25-2010
selinux --disabled
Hi All,
Will some one kindly explian below ?
selinux
What is the effect of installing a server using this kickstart option as follows:
selinux --enforcing
and
selinux --disabled
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I am on a fedora core 2.6.9-1.677 i686
which is selinux enabled unlike the version I was on before .. which had to be manually enabled ..and if you knew nothing of the sort you were lost.. that was the case for me anyway! like i was saying ... now I am on a system that is enabled I have just... (1 Reply)
Discussion started by: moxxx68
1 Replies
2. Linux
in fedora core 2 with enforcing mode in selinux , why even as a root OS doesnt give permission to create any directory or file in /home ? (1 Reply)
Discussion started by: the.last.soul
1 Replies
3. Linux
Hello all!
I am trying to enable SELinux on bootup for my supported kernel
2.6.26.8.tex1
I am running PCLinuxOS 2009 Beta 2 which is based on Mandriva/Mandrake
From my reading, I know that I am able to set SELinux to boot (preferably in passive mode) however this would still 'change' my... (2 Replies)
Discussion started by: septima.pars
2 Replies
4. Red Hat
When I installed Fedora 10 I set the option to encrypt my file systems but now I can't open either of my two HDD's. I asks me for my password and gives me three options concerning the "remembering" of my password but when I put the password in nothing happens at all. Any ideas? Thanks. (3 Replies)
Discussion started by: jasonfrost
3 Replies
5. Virtualization and Cloud Computing
Hi,
Has anyone enabled SELinux on Amazon EC2?
I tried to enable SELinux using a CentOS image, and the steps in the following post, but it didn't work!!
Amazon Web Services Developer Community : Has anyone successfully enabled SELinux ...
The steps i took:
1)I started with CentOS 5.3 base... (5 Replies)
Discussion started by: fun_indra
5 Replies
6. Cybersecurity
Hi, I can not start named service:
/etc/init.d/named start
Iniciando named:
Error in named configuration:
zone default.domain/IN: loading from master file /home/admin/conf/dns/default.domain.db failed: permission denied
zone default.domain/IN: not loaded due to errors.... (2 Replies)
Discussion started by: Anibal
2 Replies
7. UNIX and Linux Applications
Situation: installed on Centos6.4 this samba4 package
samba4-4.0.1-4.centos6.1.x86_64(wich had the path /usr/share/samba4 /var/lock/samba4,etc)
I use selinux so i put in context
/var/lock/samba4 -d system_u:object_r:samba_var_t:s0
/var/lock/samba4/.* -- ... (3 Replies)
Discussion started by: Linusolaradm1
3 Replies
8. Red Hat
Hi,
in /etc/httpd/conf/httpd.conf
#DocumentRoot "/var/www/html"
DocumentRoot "/home/phpmy/html"
when I restarted httpd
# /etc/init.d/httpd restart
Stopping httpd:
Starting httpd: Syntax error on line 293 of /etc/httpd/conf/httpd.conf:... (0 Replies)
Discussion started by: jediwannabe
0 Replies
9. UNIX for Dummies Questions & Answers
I worked all night on creating an RHEL 7 template customized for our private cloud and almost had it ready. While doing the final part, enabling GDM, I made the blunder of disabling SELINUX. Now I am not able to re-enable or put into permissive mode again. Earlier, when this happened on RHEL 6... (3 Replies)
Discussion started by: satish51392111
3 Replies
LEARN ABOUT CENTOS
avc_open
avc_open(3) SELinux API documentation avc_open(3)
NAME
avc_open, avc_destroy, avc_reset, avc_cleanup - userspace SELinux AVC setup and teardown
SYNOPSIS
#include <selinux/selinux.h>
#include <selinux/avc.h>
int avc_open(struct selinux_opt *options, unsigned nopt);
void avc_destroy(void);
int avc_reset(void);
void avc_cleanup(void);
DESCRIPTION
avc_open() initializes the userspace AVC and must be called before any other AVC operation can be performed.
avc_destroy() destroys the userspace AVC, freeing all internal memory structures. After this call has been made, avc_open() must be called
again before any AVC operations can be performed.
avc_reset() flushes the userspace AVC, causing it to forget any cached access decisions. The userspace AVC normally calls this function
automatically when needed, see NETLINK NOTIFICATION below.
avc_cleanup() attempts to free unused memory within the userspace AVC, but does not flush any cached access decisions. Under normal opera-
tion, calling this function should not be necessary.
OPTIONS
The userspace AVC obeys callbacks set via selinux_set_callback(3), in particular the logging and audit callbacks.
The options which may be passed to avc_open() include the following:
AVC_OPT_SETENFORCE
This option forces the userspace AVC into enforcing mode if the option value is non-NULL; permissive mode otherwise. The system
enforcing mode will be ignored.
NETLINK NOTIFICATION
Beginning with version 2.6.4, the Linux kernel supports SELinux status change notification via netlink. Two message types are currently
implemented, indicating changes to the enforcing mode and to the loaded policy in the kernel, respectively. The userspace AVC listens for
these messages and takes the appropriate action, modifying the behavior of avc_has_perm(3) to reflect the current enforcing mode and flush-
ing the cache on receipt of a policy load notification. Audit messages are produced when netlink notifications are processed.
RETURN VALUE
Functions with a return value return zero on success. On error, -1 is returned and errno is set appropriately.
AUTHOR
Eamon Walsh <ewalsh@tycho.nsa.gov>
SEE ALSO
selinux(8), avc_has_perm(3), avc_context_to_sid(3), avc_cache_stats(3), avc_add_callback(3), selinux_set_callback(3), security_com-
pute_av(3)
12 Jun 2008 avc_open(3)