Ubuntu
refpolicy-ubuntu package

SE Linux not enabled

Bug #434084 reported by Lars Noodén
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
refpolicy-ubuntu (Ubuntu)
Fix Released
Medium
Caleb Case
Ubuntu ubuntu-9.10
Karmic
Fix Released
Medium
Caleb Case
Ubuntu ubuntu-9.10

Bug Description

This is on Karmic Koala for i386.
After installing selinux and selinux-policy-ubuntu (and rebooting), SE Linux is not enabled.
Having SE Linux enabled manually should be possible, but it is not:

# setenforce 1
setenforce: SELinux is disabled

# /usr/bin/newrole
Sorry, newrole may be used only on a SELinux kernel.

# apt-cache policy selinux
selinux:
  Installed: 1:0.5
  Candidate: 1:0.5
  Version table:
 *** 1:0.5 0
        500 http://fi.archive.ubuntu.com karmic/universe Packages
        100 /var/lib/dpkg/status

Revision history for this message
Lars Noodén (larsnooden) wrote :

# lsb_release -rd
Description: Ubuntu karmic (development branch)
Release: 9.10

Jamie Strandboge (jdstrand)
visibility: private → public
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Did you adjust your kernel parameters to have something like:
security=selinux selinux=1 enforcing=0

The 'security=selinux' part is new in 9.10.

Changed in refpolicy-ubuntu (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: New → Incomplete
Revision history for this message
Lars Noodén (larsnooden) wrote :

Grub2 is installed. I've tried changing /etc/boot/grub.cfg manually, but it seems to be ignored by it on startup.

The settings set by default (or by running update-grub2 ) are these:

menuentry "Ubuntu, Linux 2.6.31-10-generic" {
        set quiet=1
        insmod ext2
        set root=(hd0,1)
        search --no-floppy --fs-uuid --set 18294173-0b20-4f40-9830-ee1fc4f828aa
        linux /boot/vmlinuz-2.6.31-10-generic root=UUID=18294173-0b20-4f40-9830-ee1fc4f828aa ro quiet splash security=selinux selinux=1
        initrd /boot/initrd.img-2.6.31-10-generic

$ apt-cache policy grub2
grub2:
  Installed: (none)
  Candidate: 1.97~beta3-1ubuntu5
  Version table:
     1.97~beta3-1ubuntu5 0
        500 http://fi.archive.ubuntu.com karmic/universe Packages

Jamie Strandboge (jdstrand)
Changed in refpolicy-ubuntu (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
status: Incomplete → New
Jamie Strandboge (jdstrand)
Changed in refpolicy-ubuntu (Ubuntu):
status: New → Confirmed
milestone: none → ubuntu-9.10
importance: Undecided → Medium
Kees Cook (kees)
Changed in refpolicy-ubuntu (Ubuntu Karmic):
assignee: nobody → Caleb Case (calebcase)
status: Confirmed → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package refpolicy-ubuntu - 0.2.20090730-0ubuntu1

---------------
refpolicy-ubuntu (0.2.20090730-0ubuntu1) karmic; urgency=low

  * Updated to upstream release 2.20090730
  * Handle Upstart direct execution of daemons.
  * Pre-depend on selinux to ensure that the trigger is handled (LP: #434084).

 -- Caleb Case <email address hidden> Mon, 19 Oct 2009 01:48:39 -0400

Changed in refpolicy-ubuntu (Ubuntu Karmic):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.