Disable selinux at install problem FC8

Ezplan · 03-13-2008, 01:06 PM

Hi All,
Just did a clean install of FC8 from DVD. Everything appeared to go well: partitions created as I wanted, raid set up etc.. After completing install system rebooted fine. When it came to the page to set up selinux I chose "disable". I received a warning something about "this will require changes to settings on all your files and require a reboot. Are you sure..." I chose "yes", the system rebooted and now I've been looking a screen with a spinning cursor for close to 3 hours, also the HD light has been flashing all this time. Is this normal? Should I force a reboot or just let it play out? Thanks.

reddazz · 03-13-2008, 01:23 PM

Thats definitely not normal. Try rebooting and see if that resolves the problem.

Ezplan · 03-13-2008, 01:48 PM

Thanks reddazz for the quick reply.
I rebooted and it started doing the same thing. I rebooted again with the DVD and went to linux rescue. Got to the installed image at /mnt/sysimage and took a look at /mnt/sysimage/var/log/dmesg. Dmesg reports "selinux starting in permissive mode". I thought I had disabled it. Maybe this doesn't mean anything. Any thoughts what to do here? This is a clean install with nothing on the system, so maybe worth starting again?

reddazz · 03-13-2008, 01:58 PM

If its a fresh install, there is no harm in reinstalling.

simplicissimus · 03-13-2008, 07:07 PM

If SELINUX caused problems after a brand new installation, than it conflicts with one or more packages - SELINUX is for example known to play difficult with the Apache server sometimes. So if you reinstall with the same combination of packages and disable SELINUX in the same way as you did before then you can easily come to the same result.

If you can run Linux in rescue mode by booting from the installer DVD, then login to a root shell (rescue mode offers that option) and remount the hard drive with the new installation in writeable mode:

# this should give a list of your HDD devices
$ fdisk -l
# knowing the name of your device you should remount to writeable
# (it should have been mounted in read-only mode)
$ mount -remount <your-device> <mount point>

This way you can overwrite SELINUX settings by hand:
# goto the SELINUX config directory and open the config file
$ cd <mount point>/etc/selinux
$ vi config

Modify it to look like this (only uncommented lines count):
---------------------------------------------------------
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
---------------------------------------------------------

After rebooting SELINUX will be entirely disabled. If the problem still exists after that, than SELINUX is just a part of the problem.

Hope this helps,
Regards,
SIMP

Linux Archive