Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

SELinux: Unable to switch to permissive mode
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
vyedmic
n00b
n00b


Joined: 02 Dec 2010
Posts: 45
PostPosted: Mon Dec 16, 2024 1:50 pm    Post subject: SELinux: Unable to switch to permissive mode Reply with quote
Hello,

I have followed the SELinux installation guide and have now multiple times selected SELinux profile and then de-selected it, rebuilt world and depcleaned all selinux remnants but I always hit this same problem. It does not matter whether SELINUX=permissive is set or whether enforcing=0 is passed to kernel. This error always stops init from running.

Code:
SELinux: Unable to switch to permissive mode: Invalid argument


https://paste.pics/SIYEG
Back to top
View user's profile Send private message
sMueggli
Guru
Guru


Joined: 03 Sep 2022
Posts: 511
PostPosted: Mon Dec 16, 2024 3:26 pm    Post subject: Reply with quote
How or where did you set it?

Does the kernel boot if you pass (ad-hoc) "selinux=0" to the kernel parameters?
Back to top
View user's profile Send private message
vyedmic
n00b
n00b


Joined: 02 Dec 2010
Posts: 45
PostPosted: Mon Dec 16, 2024 3:27 pm    Post subject: Reply with quote
Yes, kernel boots without lsm=selinux

I set it in /etc/selinux/config and I also tried passing enforcing=0 to kernel
Back to top
View user's profile Send private message
sMueggli
Guru
Guru


Joined: 03 Sep 2022
Posts: 511
PostPosted: Mon Dec 16, 2024 3:45 pm    Post subject: Reply with quote
Can you please share your complete /etc/selinux/config?

And also the kernel parameters, that you pass to the kernel?
Back to top
View user's profile Send private message
vyedmic
n00b
n00b


Joined: 02 Dec 2010
Posts: 45
PostPosted: Mon Dec 16, 2024 3:59 pm    Post subject: Reply with quote
Kernel parameters

Code:
root=PARTUUID=my-root-part-uuid ro lsm=selinux


/etc/selinux/config is standard, unchanged from the install.

Code:
# This file controls the state of SELinux on the system on boot.

# SELINUX can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=permissive

# SELINUXTYPE can take one of these four values:
#       targeted - Only targeted network daemons are protected.
#       strict   - Full SELinux protection.
#       mls      - Full SELinux protection with Multi-Level Security
#       mcs      - Full SELinux protection with Multi-Category Security
#                  (mls, but only one sensitivity level)
SELINUXTYPE=strict


I am at the point of SELinux installation guide where I am supposed to reboot to label my system.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy