Yuan Yijun (bbbush) wrote,
Yuan Yijun
bbbush

selinux caused trouble...

10:30 -!- Irssi: Join to #fedora-cn was synced in 31 secs
10:32 <+hers> selinux 太讨厌了,在 disable 或者 permissive
模式安装的内核不能启动到 enforcing 里,还得在 permissive 模式时
setenforce 1 之后才能安装内核
10:33 <+hers> 从 disable 到 permissive 要重启一次,relabel 好久。 setenforce 1
也只能在 single 时执行,否则会让 X 锁住
10:37 <+hers> 启动个 tor 还得先 setenforce 0。运行 realplay 也是。之后
setenforce 1 倒是不会锁住 X 了。杀了我吧…… 真烦这东西


disable 是不行的,很多地方还是会有检测,而且是当作 enforcing 来检测的…… 和 permissive 一样。为什么要有
permissive 这种模式呢,设计上要么 disable,要么 enforcing,然后只要将这两种情况测试和处理完全,将
permissive 作为 enforcing 的一个特例(一个 global
boolean),不建议使用这种混合的,谁都不知道发生了什么的状态,可以减少一半麻烦。
Tags: fedora
Subscribe

  • 2020

    Last time I wrote a review was in 2018, about 2017. Or maybe I wrote something elsewhere, maybe on Twitter? It was hard to write something freely…

  • #thotcon badge?

    [root@m4700 ~]# esptool write_flash 0x00000 /home/yuan/tracking/thotcon0x9/tc0x9.bin esptool.py v2.3.1 Connecting.... Detecting chip type...…

  • Portfolio weighted averages

    Last week I got an assignment to make a small Java library for some often used portfolio calculations. A portfolio is a collection of holdings, each…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    switch
    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    Help
  • 0 comments