Re: lorax - selinux limitation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



And, do you have  "dracut nfs module' installed inside?


 ---- On Wed, 16 Dec 2015 18:32:51 +0300 Dominique Martinet <dominique.martinet@xxxxxx> wrote ---- 
 > Hi,
 > 
 > in el7, in /usr/lib/python2.7/site-packages/pylorax/__init__.py we have
 > this comment/code:
 > # is selinux disabled?
 > # With selinux in enforcing mode the rpcbind package required for
 > # dracut nfs module, which is in turn required by anaconda module,
 > # will not get installed, because it's preinstall scriptlet fails,
 > # resulting in an incomplete initial ramdisk image.
 > # The reason is that the scriptlet runs tools from the shadow-utils
 > # package in chroot, particularly groupadd and useradd to add the
 > # required rpc group and rpc user. This operation fails, because
 > # the selinux context on files in the chroot, that the shadow-utils
 > # tools need to access (/etc/group, /etc/passwd, /etc/shadow etc.),
 > # is wrong and selinux therefore disallows access to these files.
 > logger.info("checking the selinux mode")
 > if selinux.is_selinux_enabled() and selinux.security_getenforce():
 >     logger.critical("selinux must be disabled or in Permissive mode")
 >     sys.exit(1)

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list



[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux