[ubuntu-hardened] Problems with SELinux and ubtunu ...

Thomas M. Galla thomas.galla at chello.at
Thu Dec 28 11:36:54 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I've tried to get SELinux running on my ubuntu machine (ubuntu 6.06 with
kernel 2.6.15-27-386). - I mainly followed the instructions given on
https://wiki.ubunu.com/SELinux and on
http://www.lurking-grue.org/selinuxHOWTO.html.

I've done the following things:

	o Installed the required packages

	o Created /selinux mount point and mounted filesystem
	  (entry in /etc/fstab is present)

	o Enable SELinux in permissive mode in the kernel

	o Relabled the file system

	o Edited /etc/pam.d/login and /etc/pam.d/ssh

Enabling permissive mode seems to work, since in /var/log/messages I
find the following output:

Dec 28 11:26:20 localhost kernel: [17179573.312000] SELinux: Initializing.
Dec 28 11:26:20 localhost kernel: [17179573.312000] SELinux:  Starting
in permissive mode



However checking with sestatus(1) still yields

SELinux status:                 disabled

and id -Z for example produces the following output:

Sorry, --context (-Z) can be used only on a selinux-enabled kernel.

Anybody got an idea or a hint what I'm doing wrong or whether I've
forgotten some important step?


Futhermore I'm not sure, whether the information given on
https://wiki.ubunu.com/SELinux is still up-to-date or whether it's
outdated and has been replaced for something else (which I haven't found
yet).


Thanks for any help,

	Tom.
- --
Thomas M. Galla
Barmherzigengasse 17/3/76, A-1030 Wien, AUSTRIA
Tel: +43 (1) 9718762
mailto:thomas.galla at chello.at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFk6xW9r+iuSvH3M4RAngwAJ9sPRfONss44t9vNYcdkouyBa1kiQCgmMD+
v8DZxfkmMHlkDtIBAPUrKvM=
=xHg9
-----END PGP SIGNATURE-----



More information about the ubuntu-hardened mailing list