Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-28-2006, 11:36 AM
|
#1
|
LQ Newbie
Registered: Jun 2006
Posts: 6
Rep:
|
SELINUX user queries
Dear all, I have to apologize in advance for my lack of knowledge in SELINUX.
Users on my system are currently receiving the following message when logging in,
"Your default context is user_u:system_r:unconfined_t.
Do you want to choose a different one? [n]
"
I have two questions here,
1) If I decide to leave SELINUX, how do I set this user or other users so that the message does not appear.
2) how do I switch off the SELINUX facility.
The /etc/selinux/config file contains the following,
"# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=Disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted"
Is the SELINUX variable case sensitive? Should this be set to 'disabled' rather then 'Disabled'.
Any help would be appreciated?
|
|
|
06-28-2006, 11:50 AM
|
#2
|
Member
Registered: Aug 2005
Location: Midland, TX
Distribution: Ubuntu
Posts: 125
Rep:
|
I'm not strong on SELINUX but I would think that it IS case sensitive as most things in Linux are. Certainly no harm in trying it that way.
Also it would help to know what distro this is. RHEL, Suse, Debian?
|
|
|
06-29-2006, 05:27 AM
|
#3
|
LQ Newbie
Registered: Jun 2006
Posts: 6
Original Poster
Rep:
|
thanks for that. If i set the variable to 'disabled', I presume this will take affect upon reboot?
|
|
|
06-29-2006, 08:05 AM
|
#4
|
Member
Registered: Aug 2005
Location: Midland, TX
Distribution: Ubuntu
Posts: 125
Rep:
|
As I understand it, Yes.
Again I ask what distro is this?
|
|
|
06-30-2006, 09:48 AM
|
#5
|
LQ Newbie
Registered: Jun 2006
Posts: 6
Original Poster
Rep:
|
thanks for the replies.
We are talking about GNU/Linux
|
|
|
06-30-2006, 10:14 AM
|
#6
|
Member
Registered: Mar 2004
Posts: 135
Rep:
|
really need to dig into SELINUX. :-)
|
|
|
06-30-2006, 10:21 AM
|
#7
|
Member
Registered: Aug 2005
Location: Midland, TX
Distribution: Ubuntu
Posts: 125
Rep:
|
Quote:
Originally Posted by manser
thanks for the replies.
We are talking about GNU/Linux
|
Linux is just the kernel. SELinux is implemented different on different distros. I ask for the THIRD time. What DISTRO are you using!!!!????
|
|
|
07-03-2006, 05:14 AM
|
#8
|
LQ Newbie
Registered: Jun 2006
Posts: 6
Original Poster
Rep:
|
hi, The distro is as follows
Red Hat Enterprise Linux ES release 4 (Nahant Update 2)
Thanks
|
|
|
07-03-2006, 07:17 AM
|
#9
|
Member
Registered: Jan 2005
Location: UK
Posts: 55
Rep:
|
You may find the following tools very useful when dealing with SELinux
system-config-securitylevel - allows you to enable/disable SELinux
restorecon - set SELinux contexts for files and directories back to defaults
|
|
|
All times are GMT -5. The time now is 01:00 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|