[ubuntu-hardened] SELinux on Karmic?
Kees Cook
kees at ubuntu.com
Thu Sep 3 16:23:56 BST 2009
Hi,
On Thu, Sep 03, 2009 at 11:15:00AM -0400, John Dong wrote:
> SELinux only relies on GRUB for passing in selinux=1 /
> apparmor.enabled=0, correct?
>
> This system is actually upgraded from a stock Jaunty install so it's
> currently running GRUB1. I see selinux=1 passed into the kernel but the
> userland doesn't seem to react; sestatus reports itself as disabled,
> nothing is mounted at /selinux, etc, which would lead me to suspect
> something in addition to grub2 being the culprit?
Actually, in addition to the grub2 stuff, the kernel changed how it does
LSM selection. I think it needs to be security=selinux instead of
selinux=1, but I haven't tested it myself.
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-hardened
mailing list