I have some centos 4.4 server. i have disable selinux for some software
problem:
# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disable
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
But during the boot i see selinux warnings and some software wan't start
correctly:
audit(1173699978.909:2): avc: denied { name_bind } for pid=2407
comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1173699978.943:3): avc: denied { append } for pid=2407
comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608
scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t
tclass=file
audit(1173699979.918:4): avc: denied { write } for pid=2408
comm="piranha_gui" name="apache_runtime_status" dev=dm-0
ino=2338680
scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:httpd_log_t
tclass=file
How can i see if selinux is really disable?
Thanks
On 12/03/07, Alessio Cecchi <acecchi at telemaco.it> wrote:> I have some centos 4.4 server. i have disable selinux for some software > problem: > > How can i see if selinux is really disable?A quick 30 second google will provide an answer. http://www.google.co.uk/search?hl=en&q=check+selinux&meta Once you've switched selinux off in /etc/sysconfig you need to reboot, or setenforce 0 Will.
On Monday 12 March 2007, Alessio Cecchi wrote:> I have some centos 4.4 server. i have disable selinux for some software > problem: > > # cat /etc/selinux/config > # This file controls the state of SELinux on the system. > # SELINUX= can take one of these three values: > # enforcing - SELinux security policy is enforced. > # permissive - SELinux prints warnings instead of enforcing. > # disabled - SELinux is fully disabled. >A>SELINUX=disable^^^ disabled Tony.> # SELINUXTYPE= type of policy in use. Possible values are: > # targeted - Only targeted network daemons are protected. > # strict - Full SELinux protection. > SELINUXTYPE=targeted > > But during the boot i see selinux warnings and some software wan't > start correctly: > > audit(1173699978.909:2): avc: denied { name_bind } for pid=2407 > comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t > tcontext=system_u:object_r:port_t tclass=tcp_socket > audit(1173699978.943:3): avc: denied { append } for pid=2407 > comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608 > scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t > tclass=file > audit(1173699979.918:4): avc: denied { write } for pid=2408 > comm="piranha_gui" name="apache_runtime_status" dev=dm-0 ino=2338680 > scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:httpd_log_t > tclass=file > > > How can i see if selinux is really disable? > > Thanks > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos-- Tony Molloy. System Manager. Dept. of Comp. Sci. University of Limerick