[CentOS] selinux disable but still working

Alessio Cecchi acecchi at telemaco.it
Mon Mar 12 11:54:23 UTC 2007


I have some centos 4.4 server. i have disable selinux for some software 
problem:

# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disable
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

But during the boot i see selinux warnings and some software wan't start 
correctly:

audit(1173699978.909:2): avc:  denied  { name_bind } for  pid=2407 
comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t 
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1173699978.943:3): avc:  denied  { append } for  pid=2407 
comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608 
scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t 
tclass=file
audit(1173699979.918:4): avc:  denied  { write } for  pid=2408 
comm="piranha_gui" name="apache_runtime_status" dev=dm-0 ino=2338680 
scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:httpd_log_t 
tclass=file


How can i see if selinux is really disable?

Thanks



More information about the CentOS mailing list