Booting Without SELinux

From EnGardeWiki

1 Description
2 Procedure
- 2.1 Option 1
- 2.2 Option 2
3 Conclusion

Description

Sometimes it is necessary to keep your EnGarde Secure Linux running in SELinux Permissive mode. An example of this would be if you decided to turn your server into an email scanning server using amavisd-new and clamav virus scanner.

[edit]

Procedure

To boot up with SELinux being turned on, you have one of two options: edit the /etc/lilo.conf file or the /etc/selinux/config file.

[edit]

Option 1

Edit the /etc/lilo.conf file. Locate the line where it says default=secure and change it to read default=standard. Standard boots with SELinux in Permissive mode.

[edit]

Option 2

Edit the /etc/selinux/config. Locate the line that says SELINUX=enforcing. Modify that line to read SELINUX=permissive. This way the machine will boot into secure mode with SELinux in Permissive mode.

[edit]

Conclusion

The latter method is the preferred method since that only changes the status of SELinux. Option 1 has other more subtle consequences when EnGarde is put into Standard mode.

Retrieved from "http://wiki.engardelinux.org/index.php/Booting_Without_SELinux"

Categories: SELinux | Boot

Booting Without SELinux

From EnGardeWiki

Contents

Description

Procedure

Option 1

Option 2

Conclusion

Views

Personal tools

Navigation

Search

Toolbox