On 08/30/2011 03:23 PM, Ned Slider wrote: > On 30/08/11 20:08, Michael D. Berger wrote: >> In setting up my new CentOS 6 laptop, I replaced >> /etc/sysconfig/iptables with my own, very restrictive >> version. I then tried to restart the iptables daemon, >> but it reported that my new iptables was unreadable. >> On a guess, I disabled selinux, and my problem was >> solved. Later, I re-enabled selinux and on reboot, it >> had to go through a very long setup procedure.
> Rather than disabling, you can put SELinux in permissive mode to > troubleshoot. Permissive mode will warn but still allow all actions that > would otherwise be blocked in enforcing mode. > Further to this, chcon --reference <originalfile> <newfile>, then test with selinux back in enforcing mode. > When you disable SELinux and then later re-enable it, the whole file > system will need to be relabeled at boot, and this is probably what took > the time on your system. Switching between permissive and enforcing > modes avoids this. > Regards, Phil _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
