fedora – selinux已禁用,但仍在执行?

我有一些系统,由于各种原因,我们想要完全禁用se linux.到目前为止,这已经像冠军一样工作,总是在kickstart中使用selinux = 0并确保/ etc / sysconfig / selinux包含:

SELINUX=disabled

但截至今天,我有一台正确设置的Fedora 17工作站,但经过多次重启后,它始终处于强制执行模式:

# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

# getenforce
Enforcing

什么可能导致selinux忽略sysconfig条目,或者尽管它启动?

[编辑1]

我在这里看到了一个相关的问题并试了一下:

# selinuxenabled ; echo $?
0
# getenforce
Enforcing
实际的配置文件是/ etc / sellinux / config,/ etc / sysconfig / selinux链接到该文件.看来你可能已经丢失了链接并最终得到了常规文件.

验证:

# ls -l /etc/sysconfig/selinux
lrwxrwxrwx. 1 root root 17 Dec 22 18:59 /etc/sysconfig/selinux -> ../selinux/config

或检查/ etc / selinux / config的内容

相关文章
相关标签/搜索