Hide Forgot
Created attachment 479702 [details] Could not test MLS enabled status - Window Description of problem: In system-config-selinux only status is available. Boolean is missing ( and others ) Version-Release number of selected component (if applicable): policycoreutils-2.0.85-12.fc15.x86_64 How reproducible: always Steps to Reproduce: 1. in terminal system-config-selinux 2. type root password 3. close window 'Could not test MLS enabled status' 4. Actual results: system-config-selinux.py opens but only 'Status' is avilable Expected results: To bee able to chage with boolean Additional info: I am trying to setupp samba share. [floki@flokie ~]$ system-config-selinux ** (system-config-selinux.py:6530): WARNING **: AT-SPI: Accessibility bus not found - Using session bus. /usr/share/system-config-selinux/system-config-selinux.py:71: Warning: g_object_get_valist: object class `GnomeProgram' has no property named `default-icon' xml = gtk.glade.XML ("/usr/share/system-config-selinux/system-config-selinux.glade", domain=PROGNAME) libsemanage.semanage_read_policydb: Could not open kernel policy /etc/selinux/targeted/modules/active/policy.kern for reading. (No such file or directory). /usr/share/system-config-selinux/system-config-selinux.py:181: Warning: cannot retrieve class for invalid (unclassed) type `<invalid>' gtk.main() ^C [floki@flokie ~]$
Created attachment 479703 [details] system-config-selinux.py.png system-config-selinux.py
Could you add me your outputs of # id -Z # su -c 'ls -lZ /etc/selinux/targeted/modules/active/policy.kern' Also any AVC messages related with this issue in your /var/log/audit/audit.log?
Created attachment 479993 [details] /var/log/audit/audit.log
># id -Z [floki@flokie ~]$ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [floki@flokie ~]$ ># su -c 'ls -lZ /etc/selinux/targeted/modules/active/policy.kern' [floki@flokie ~]$ su -c 'ls -lZ /etc/selinux/targeted/modules/active/policy.kern' Password: ls: cannot access /etc/selinux/targeted/modules/active/policy.kern: No such file or directory [floki@flokie ~]$ >Also any AVC messages related with this issue in your /var/log/audit/audit.log? I made a copy off /var/log/audit/audit.log and removed /var/log/audit/audit.log and repeated in terminal system-config-selinux after that /var/log/audit/audit.log was not there. I created /var/log/audit/audit.log as empty file and repeated system-config-selinux again and in was still empty.
Created attachment 479995 [details] SELinux is preventing /usr/lib64/nspluginwrapper/plugin-config from 'read, write' accesses on the chr_file /dev/ptmx. I found this in SElinux Alert Browser
Se Bug 679201 as #5
If you are running an MLS machine in enforcing mode, there is no way system-config-selinux will work correctly.