New Posts  All Forums:Forum Nav:

It didnt work :( - Page 3

post #21 of 39
Quote:
Originally Posted by EntTheGod View Post
runs by default on fedora, should i aim for a distro without it? kinda irritating if the biggest linux security wont let me do exactly what i tell it i want to do in a command line

that brings up another question, does any mainstream distro even install without selinux?
Just set it to permissive, it's what I do every install.

Code:
su -c 'vi /etc/selinux/config'

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
Or replace permissive with disabled.
Deimos
(13 items)
 
Pluto
(18 items)
 
 
CPUMotherboardGraphicsRAM
AMD 1090T Biostar TA890FXE Nvidia GTX 470 Corsair Vengence 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 MZ-7PC128D/AM Western Digital Black Western Digital Green Western Digital Blue 
CoolingOSOSMonitor
Dtek v2 Water Windows 7 Pro Fedora 16 LG4250 42" LCD TV 
KeyboardPowerCaseMouse
Microsoft Ergo Silverstone ST-1000P Cooler Master Cosmos 1000 Logitech G500 
Mouse PadAudio
X-Trac Ripper Asus D1 
  hide details  
Reply
Deimos
(13 items)
 
Pluto
(18 items)
 
 
CPUMotherboardGraphicsRAM
AMD 1090T Biostar TA890FXE Nvidia GTX 470 Corsair Vengence 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 MZ-7PC128D/AM Western Digital Black Western Digital Green Western Digital Blue 
CoolingOSOSMonitor
Dtek v2 Water Windows 7 Pro Fedora 16 LG4250 42" LCD TV 
KeyboardPowerCaseMouse
Microsoft Ergo Silverstone ST-1000P Cooler Master Cosmos 1000 Logitech G500 
Mouse PadAudio
X-Trac Ripper Asus D1 
  hide details  
Reply
post #22 of 39
Every time I try Fedora (which is not that often) the first thing I do is remove SELinux. It is nothing more than a pain in the ass that gives me security warnings for doing just about anything.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #23 of 39
I feel so noob next to you guys because I don't know what is so bad with SELinux. Is this like UAC in vista and win7? What exactly do you do that makes it "show up" or is it something you don't see. If I'm asking dumb questions just throw a link and I'll read.
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
post #24 of 39
Quote:
Originally Posted by Rookie1337 View Post
I feel so noob next to you guys because I don't know what is so bad with SELinux. Is this like UAC in vista and win7? What exactly do you do that makes it "show up" or is it something you don't see. If I'm asking dumb questions just throw a link and I'll read.
HaHah! You know how I think about automatic dependency resolution for simple apps on a Desktop box, right? Well security is orders of magnitude more important, IMHO. SELinux makes me channel Charlton Heston (Get your hands off me you damn dirty apes!)

Just type "dmesg | grep selinux" and hope for a null set. If not summon visions of Monty Python's Holy Grail (Run away! Run away!) or imagine SELinux as the black knight bridge guard (It's just a flesh wound. Come back here and I'll bite off your legs!)

Will you be the first to buy a robot Nanny to baby sit your kids? Consider that analogy is even way too little since baby sitting is far less dynamic that the ever changing world of security.
NewMain
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 - 3550 Asrock Z77 Extreme4 Gigabyte GTX 760  4x2GB Corsair Vengeance 
Hard DriveOptical DriveCoolingOS
Seagate SATA 2TB x 2  Plextor PX-891SAW CM-Hyper N520 Slackware 14, Studio KUbuntu, OpenSuSe 12.3, Wi... 
MonitorKeyboardPowerCase
32" Vizio HDTV + DLP Logitech Wireless Corsair HX-850 Antec Sonata I 
MouseMouse PadAudioOther
Razer DeathAdder 2013 dual ESI Juli@ CoolGear ExtSata Enclosure w/ Optical and 3TB S... 
  hide details  
Reply
NewMain
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 - 3550 Asrock Z77 Extreme4 Gigabyte GTX 760  4x2GB Corsair Vengeance 
Hard DriveOptical DriveCoolingOS
Seagate SATA 2TB x 2  Plextor PX-891SAW CM-Hyper N520 Slackware 14, Studio KUbuntu, OpenSuSe 12.3, Wi... 
MonitorKeyboardPowerCase
32" Vizio HDTV + DLP Logitech Wireless Corsair HX-850 Antec Sonata I 
MouseMouse PadAudioOther
Razer DeathAdder 2013 dual ESI Juli@ CoolGear ExtSata Enclosure w/ Optical and 3TB S... 
  hide details  
Reply
post #25 of 39
I've wanted to learn SELinux and tried it a few times in the past to get it setup on Gentoo but I never got it running. I could never boot to login whenever I set it to enforcing.

I do agree that it feels like a pain in the ass but also sounds extremely powerful.
post #26 of 39
Hey OP, try
Code:
# chmod -x /bin/chmod
15s
(13 items)
 
  
CPUMotherboardGraphicsRAM
Athlon II x4 640 Gigabyte 880GM-D2H AMD HD4250 4 GB 
Hard DriveOSMonitorPower
640GB Arch GNU/Linux i686 Fujitsu Siemens 4612 FA 350 W 
Mouse
Logitech G9x 
  hide details  
Reply
15s
(13 items)
 
  
CPUMotherboardGraphicsRAM
Athlon II x4 640 Gigabyte 880GM-D2H AMD HD4250 4 GB 
Hard DriveOSMonitorPower
640GB Arch GNU/Linux i686 Fujitsu Siemens 4612 FA 350 W 
Mouse
Logitech G9x 
  hide details  
Reply
post #27 of 39
Quote:
Originally Posted by esocid View Post
...why?
Of course it didn't work, you can't delete your OS while you're inside of it.
You used to be able to. A lot of people who used to hack *nix servers back in the day would run the command to destroy the system (usually as a nuisance to someone they didn't like).

Quote:
Originally Posted by Jimi View Post
+1111
I'm absolutely shocked that Fedora runs it by default...well not too shocked since it also does on CentOS etc...

But yeah, first thing anybody that knows what they're doing should do is purge SELinux off of their system.
While I think SELinux is overkill for a desktop machine, I do not think it is worthless. It is a highly powerful MLS system that is good if running a server.
Edited by thiussat - 1/25/11 at 10:53am
Skylake Build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-6600k Gigabyte Z-170 Gaming 7 Gigabyte R9 390  Gskill Ripjaws V DDR4 
Hard DriveCoolingOSMonitor
Samsung 850 Evo Corsair H115i Windows 10 Pro Asus  
KeyboardPowerCaseMouse
Generic EVGA NEX750 G1 Phanteks Eclipse P400 GSkill MX780 
  hide details  
Reply
Skylake Build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-6600k Gigabyte Z-170 Gaming 7 Gigabyte R9 390  Gskill Ripjaws V DDR4 
Hard DriveCoolingOSMonitor
Samsung 850 Evo Corsair H115i Windows 10 Pro Asus  
KeyboardPowerCaseMouse
Generic EVGA NEX750 G1 Phanteks Eclipse P400 GSkill MX780 
  hide details  
Reply
post #28 of 39
Quote:
Originally Posted by thiussat View Post
<snip>
While I think SELinux is overkill for a desktop machine, I do not think it is worthless. It is a highly powerful MLS system that is good if running a server.
I think SELinux in any venue is worse than worthless. It's like driving on black ice with "all-weather" tires - you think you're prepared for the conditions and on solid ground and it is a dangerous illusion. To continue the "auto" analogy, automatic transmission aren't exactly useless but you won't find a single one on most race venues because they take away control from the driver - control that could save your car or even your life.

Similarly any decent administrator can and should implement proper security for the exact network topology and user hierarchy over which he administers and not depend on some lazy, generic, formulaic POS.

Nothing against you, thuissat... we just disagree in this matter.
NewMain
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 - 3550 Asrock Z77 Extreme4 Gigabyte GTX 760  4x2GB Corsair Vengeance 
Hard DriveOptical DriveCoolingOS
Seagate SATA 2TB x 2  Plextor PX-891SAW CM-Hyper N520 Slackware 14, Studio KUbuntu, OpenSuSe 12.3, Wi... 
MonitorKeyboardPowerCase
32" Vizio HDTV + DLP Logitech Wireless Corsair HX-850 Antec Sonata I 
MouseMouse PadAudioOther
Razer DeathAdder 2013 dual ESI Juli@ CoolGear ExtSata Enclosure w/ Optical and 3TB S... 
  hide details  
Reply
NewMain
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel i5 - 3550 Asrock Z77 Extreme4 Gigabyte GTX 760  4x2GB Corsair Vengeance 
Hard DriveOptical DriveCoolingOS
Seagate SATA 2TB x 2  Plextor PX-891SAW CM-Hyper N520 Slackware 14, Studio KUbuntu, OpenSuSe 12.3, Wi... 
MonitorKeyboardPowerCase
32" Vizio HDTV + DLP Logitech Wireless Corsair HX-850 Antec Sonata I 
MouseMouse PadAudioOther
Razer DeathAdder 2013 dual ESI Juli@ CoolGear ExtSata Enclosure w/ Optical and 3TB S... 
  hide details  
Reply
post #29 of 39
Quote:
Originally Posted by enorbet2 View Post
HaHah! You know how I think about automatic dependency resolution for simple apps on a Desktop box, right? Well security is orders of magnitude more important, IMHO. SELinux makes me channel Charlton Heston (Get your hands off me you damn dirty apes!)

Just type "dmesg | grep selinux" and hope for a null set. If not summon visions of Monty Python's Holy Grail (Run away! Run away!) or imagine SELinux as the black knight bridge guard (It's just a flesh wound. Come back here and I'll bite off your legs!)

Will you be the first to buy a robot Nanny to baby sit your kids? Consider that analogy is even way too little since baby sitting is far less dynamic that the ever changing world of security.
Well, I ran that command as root in MeeGo and nothing happened. Just started another blanks input line. also, "find selinux" turned up nothing. Guess MeeGo doesn't have it? I think I'll see about Kubuntu though I figure it will.

So autosized of the auto argument, what about for the general user? Sure we all want to have full control but to do that requires knowing a lot more. What should the general user do then?

@ enorbet: MeeGo has been one perfect demonstration of why repos and automatic things like apt, yum, and pacman are not perfect. They only work well if you have well maintained repos and if you don't have GUI updaters blocking the terminal ones (IE zypper I like but I have to fight another "packagekit" to let it work). There are things that should be automatically maintained (general hardware) but software is not one of them.
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
     
CPUGraphicsRAMHard Drive
Intel Core m3-6Y30 Intel HD515 8GB 1866DDR3L Micron M600 MTFDDAV256MBF M.2, 256 GB 
CoolingOSOSMonitor
Fanless Win10 Home x64 Kubuntu 16.04 (requires Linux kernel 4.5/4.6) 13.3 inch 16:9, 1920x1080 pixel, AU Optronics A... 
CPUMotherboardGraphicsRAM
AthlonIIX4 640 3.62GHz (250x14.5) 2.5GHz NB Asus M4A785TD-M EVO MSI GTX275 (Stock 666) 8GBs of GSkill 1600 
RAMHard DriveHard DriveHard Drive
4GBs of Adata 1333 Kingston HyperX 3k 120GB WD Caviar Black 500GB Hitachi Deskstar 1TB 
Optical DriveCoolingOSOS
LG 8X BDR (WHL08S20) Cooler Master Hyper 212+ Kubuntu x64 Windows 7 x64 
OSMonitorPowerCase
Bodhi Linux x64 Acer G215H (1920x1080) Seasonic 520 HAF912 
CPUMotherboardGraphicsRAM
N450 1.8GHz AC and 1.66GHz batt ASUS proprietary for 1001P GMA3150 (can play bluray now!?) 1GB DDR2 
Hard DriveOptical DriveOSOS
160GB LGLHDLBDRE32X Bodhi Linux Fedora LXDE 
OSOSMonitorKeyboard
Kubuntu SLAX 1280x600 + Dell 15inch Excellent! 
PowerCase
6 cells=6-12hrs and a charger 1001P MU17 Black 
  hide details  
Reply
post #30 of 39
Quote:
Originally Posted by Rookie1337 View Post
Well, I ran that command as root in MeeGo and nothing happened. Just started another blanks input line. also, "find selinux" turned up nothing. Guess MeeGo doesn't have it? I think I'll see about Kubuntu though I figure it will.

So autosized of the auto argument, what about for the general user? Sure we all want to have full control but to do that requires knowing a lot more. What should the general user do then?

@ enorbet: MeeGo has been one perfect demonstration of why repos and automatic things like apt, yum, and pacman are not perfect. They only work well if you have well maintained repos and if you don't have GUI updaters blocking the terminal ones (IE zypper I like but I have to fight another "packagekit" to let it work). There are things that should be automatically maintained (general hardware) but software is not one of them.
For a single user desktop distro, I find it useless. When Fedora started shipping with it, I'd leave it on and create rules for stuff I used, but it became a pain because I'd have to do it for so much. Then I just set it to permissive. For multi user, or heavily networked, I can see its usefulness, but have never had an opportunity to use it.
Deimos
(13 items)
 
Pluto
(18 items)
 
 
CPUMotherboardGraphicsRAM
AMD 1090T Biostar TA890FXE Nvidia GTX 470 Corsair Vengence 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 MZ-7PC128D/AM Western Digital Black Western Digital Green Western Digital Blue 
CoolingOSOSMonitor
Dtek v2 Water Windows 7 Pro Fedora 16 LG4250 42" LCD TV 
KeyboardPowerCaseMouse
Microsoft Ergo Silverstone ST-1000P Cooler Master Cosmos 1000 Logitech G500 
Mouse PadAudio
X-Trac Ripper Asus D1 
  hide details  
Reply
Deimos
(13 items)
 
Pluto
(18 items)
 
 
CPUMotherboardGraphicsRAM
AMD 1090T Biostar TA890FXE Nvidia GTX 470 Corsair Vengence 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 MZ-7PC128D/AM Western Digital Black Western Digital Green Western Digital Blue 
CoolingOSOSMonitor
Dtek v2 Water Windows 7 Pro Fedora 16 LG4250 42" LCD TV 
KeyboardPowerCaseMouse
Microsoft Ergo Silverstone ST-1000P Cooler Master Cosmos 1000 Logitech G500 
Mouse PadAudio
X-Trac Ripper Asus D1 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Linux, Unix