4

Trying to set up mail I found out I have important file missing or it seems I do.

First of all I have no selinux in /etc/sysconfig and in /etc/selinux there is folder mls and files restorecond.conf restorecond_user.conf semanage.conf but no general conf file.

On command sestatus it says disabled.

On command yum provides /etc/selinux/config

Loaded plugins: fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
* epel: mirror.optus.net
selinux-policy-3.7.19-231.el6_5.1.noarch : SELinux policy configuration
Repo        : updates
Matched from:
Filename    : /etc/selinux/config



selinux-policy-3.7.19-231.el6.noarch : SELinux policy configuration
Repo        : base
Matched from:
Filename    : /etc/selinux/config



selinux-policy-3.7.19-231.el6_5.3.noarch : SELinux policy configuration
Repo        : updates
Matched from:
Filename    : /etc/selinux/config

On reboot it remains disabled after command echo 1 > /selinux/enforce before reboot.

I am on centos 6.5 and don't know how to check if SElinux is corrupted or not.

I don't think it exists in full:

-bash-4.1#  rpm -qa | grep selinux
libselinux-python-2.0.94-5.3.el6_4.1.i686
libselinux-utils-2.0.94-5.3.el6_4.1.i686
libselinux-2.0.94-5.3.el6_4.1.i686
-bash-4.1# rpm -q policycoreutils
policycoreutils-2.0.83-19.39.el6.i686
-bash-4.1# rpm -qa | grep setroubleshoot
-bash-4.1# semanage login -l 
-bash: semanage: command not found

CONFIG_SECURITY_SELINUX=y
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_DISABLE=y
CONFIG_SECURITY_SELINUX_DEVELOP=y
CONFIG_SECURITY_SELINUX_AVC_STATS=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set
cea
  • 1,543
  • Please add the output of grep -i selinux /boot/config-$(uname -r) to your question. Is this a physical machine, a virtual machine, some type of hosting? – dawud Jun 09 '14 at 06:19
  • it is a vps have running. – cea Jun 09 '14 at 06:23
  • I don't know if your provider supports SElinux out of the box. Either way, you don't seem to have a policy installed. Install one and relabel the filesystem to check that out. – dawud Jun 09 '14 at 06:26
  • I'm not sure what to install as I thought it came with centos by default. I might have to start from scratch but thanks. – cea Jun 09 '14 at 06:56
  • 2
    You need to install a SELinux policy (yum install selinux-policy-targeted, then you'll need to relabel the whole filesystem, as this is a system that had SELinux disabled before. You need to be at least a little bit familiar with SELinux (i.e. do you want SELinux because the online guide says so?). – dawud Jun 09 '14 at 07:17
  • I don't think I want it at all. I am just trying to set up mail to us smtp but I've got myself in a world of trouble. – cea Jun 09 '14 at 08:14
  • Your machine does not have SELinux enabled. You can just ignore it. Of course, you won't have the extra security provided by SELinux, nor the extra work needed to set it up and maintain it. – dawud Jun 09 '14 at 08:24
  • Optional tool semanage can be installed via yum install policycoreutils-python – Ivan Chau Jun 09 '14 at 09:55

0 Answers0