unable to change selinux mode on ubuntu 12.04 LTS

Please specify version of Ubuntu

Moderator: xeont

unable to change selinux mode on ubuntu 12.04 LTS

Postby alan321 » Thu Jul 17, 2014 8:11 am

I wish to change selinux mode from permissive to enforcing on ubuntu 12.04 LTS.
i edit the /etc/selinux/config file .
Original file content:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
# default - equivalent to the old strict and targeted policies
# mls - Multi-Level Security (for military and educational use)
# src - Custom policy built from source
SELINUXTYPE=ubuntu

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0


After i change it:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# default - equivalent to the old strict and targeted policies
# mls - Multi-Level Security (for military and educational use)
# src - Custom policy built from source
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

Basically i change permissive to enforcing and ubuntu to targeted. But when i reboot after this ubuntu doesn't boot. All i get is a blank screen.
I then have to boot in the recovery mode and reedit the file to its original contents to boot into ubuntu normally again.
alan321
 
Posts: 1
Joined: Thu Jul 17, 2014 7:54 am

Re: unable to change selinux mode on ubuntu 12.04 LTS

Postby xeont » Tue Jul 22, 2014 4:11 pm

Hi Alan,

Sorry for replying late, also I'm not a SELinux expert.

When,

SELINUX=permissive

Have you check the audit log file to see what are the denied? if the system boots in SELINUX=permissive mode, you might have the denied in the log file and you can find out what is causing the problem.
xeont
 
Posts: 13
Joined: Wed Jun 26, 2013 4:13 am


Return to SElinux for Ubuntu

Who is online

Users browsing this forum: No registered users and 1 guest
cron