[solved]SELINUX=disabled - It's Ok?

Issues related to applications and software problems
hunter86_bg
Posts: 735
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: SELINUX=disabled - It's Ok?

Postby hunter86_bg » 2017/09/18 06:28:16

Try to set /etc/sysconfig/selinux to enforcing, reboot and check if the Gnome Display Manager can start.
Regarding SELinux troubleshooting check this short thread

Hanisch
Posts: 27
Joined: 2015/08/10 13:26:03

Re: SELINUX=disabled - It's Ok?

Postby Hanisch » 2017/09/18 09:16:37

hunter86_bg wrote:Try to set /etc/sysconfig/selinux to enforcing, reboot and check if the Gnome Display Manager can start.

The Gnome Display Manager always return to Login-Screen. It's not possible to run a Desktop as user.
Therefore I have again in /etc/sysconfig/selinux

Code: Select all

SELINUX=permissive

I think that is Ok. for me.

Only the message on gdm-Login-Screen

Code: Select all

Unfähig einen gültigen Kontakt zu erhalten für BENUTZER

is distempering.

with regards
Ch. Hanisch

User avatar
TrevorH
Forum Moderator
Posts: 20605
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SELINUX=disabled - It's Ok?

Postby TrevorH » 2017/09/18 09:31:52

So run in permissive mode and then look at your audit log to determine _why_ it doesn't work. You can use our wiki selinux page to work through the steps required to identify the problems and create a policy file (or maybe you have a mislabeled file that stops things from working in which case relabeling that file or the entire filesystem will fix it).

Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux | http://wiki.centos.org/TipsAndTricks/SelinuxBooleans | http://docs.fedoraproject.org/en-US/Fed ... ced_Linux/ | http://www.youtube.com/watch?v=bQqX3RWn0Yw | http://opensource.com/business/13/11/se ... licy-guide
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Hanisch
Posts: 27
Joined: 2015/08/10 13:26:03

Re: SELINUX=disabled - It's Ok?

Postby Hanisch » 2017/09/18 13:33:18

Hello,
the solution is found.
in this Link https://centoshelp.org/security/selinux ... eshooting/
this was the solution:
Reset SELinux to its initial state:

Code: Select all

yum remove selinux-policy
rm -rf /etc/selinux
yum install selinux-policy-targeted
fixfiles -f -F relabel
reboot

I have now:

Code: Select all

$ sudo sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

an the system works fine.

with regards
Ch. Hanisch