[CentOS] selinux disable but still working

Mon Mar 12 12:58:14 UTC 2007
Tony Molloy <tony.molloy at ul.ie>

On Monday 12 March 2007, Alessio Cecchi wrote:
> I have some centos 4.4 server. i have disable selinux for some software
> problem:
>
> # cat /etc/selinux/config
> # This file controls the state of SELinux on the system.
> # SELINUX= can take one of these three values:
> #       enforcing - SELinux security policy is enforced.
> #       permissive - SELinux prints warnings instead of enforcing.
> #       disabled - SELinux is fully disabled.
>A>SELINUX=disable 
                                ^^^   disabled
Tony.
> # SELINUXTYPE= type of policy in use. Possible values are:
> #       targeted - Only targeted network daemons are protected.
> #       strict - Full SELinux protection.
> SELINUXTYPE=targeted
>
> But during the boot i see selinux warnings and some software wan't
> start correctly:
>
> audit(1173699978.909:2): avc:  denied  { name_bind } for  pid=2407
> comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t
> tcontext=system_u:object_r:port_t tclass=tcp_socket
> audit(1173699978.943:3): avc:  denied  { append } for  pid=2407
> comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608
> scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t
> tclass=file
> audit(1173699979.918:4): avc:  denied  { write } for  pid=2408
> comm="piranha_gui" name="apache_runtime_status" dev=dm-0 ino=2338680
> scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:httpd_log_t
> tclass=file
>
>
> How can i see if selinux is really disable?
>
> Thanks
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos



-- 


Tony Molloy.

System Manager.
Dept. of Comp. Sci.
University of Limerick