RE: disabling selinux from a chroot?

Thanks to all who replied. You guys rock.

I did come across sestatus and setenforce, but the 'setenforce' is not =20
anywhere
on the rescue cd. Trying to run it from the mounted volumes gave a =20
'setenforce failed ()' error (not exact, but something like that), and =20
sestatus showed no change from before to after.

I do think I found the 'error' though, and
it wasn't selinux (at least not directly), but a permissions thing on =20
the specific mail directory of the specific
account I was using for testing (no doubt phase of the moon factored =20
in there somewhere too). No big, but cost a lot of time. Anyway, I'm =20
going in tomorrow to dump everything off and put in a new set of drives.

Quoting "Jenkinson, John P (SAIC)" <John.Jenkinson@bp.com>:

> Something to try
> 1.) Temporarily turn off SELinux - good for troubleshooting:
>
> /usr/bin/setenforce 0
>
> (Note: This will have to be done as root.)
>
> -----Original Message-----
> From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org] On Behalf
> Of Damien Hull
> Sent: Sunday, August 26, 2007 11:44 AM
> To: lee@afabco.com
> Cc: aklug@aklug.org
> Subject: Re: disabling selinux from a chroot?
>
> If I remember correctly selinux messes with the kernel. This would
> suggest to me that you can't turn it off once the system boots. If you
> could it wouldn't be secure. I could be wrong.
>
> There is a config file in /etc that allows you to turn selinux off. That
>
> won't help you because it requires a reboot. Look into the following.
>
> 1. Find a way to turn selinux of at the grub boot menu
> 1. Not sure if this is possable
> 2. Make a custom CD and turn off selinux
> 3. Get a different rescue CD
>
>
>
> lee@afabco.com wrote:
>> Hi folks,
>>
>> had a redhat enterprise 4 machine go barf on me, corruption on one of
>
>> the disks, I'm booted off the redhat rescue CD, and have everything
>> mounted and running in a chroot. Everything seems to be running
>> except for one app that selinux appears to be intercepting. What
>> idiot decided to enable selinux on a rescue CD I have no idea but I
>> hope they rot. Anyway, how do I disable selinux on the fly?
>>
>> Thanks in advance
>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sun Aug 26 21:10:12 2007