jeff wrote:
Peter Jones wrote:
> Does the system boot up correctly afterwards?
Yes, assuming the "Starting in permissive mode" is correct.
That seems to match all the important criteria -- it doesn't enforce the
permissions scheme on you. It doesn't get "in the way".
> What does "getenforce" say when you run it?
"Disabled"
I don't know what the ramifications are, but it definitely has different
behaviour if you disable using selinux=0 than if you don't. I see no
reason why it should be loaded, initialized, etc. if it isn't wanted.
We're not stopping you from setting it to disabled in the config file,
we're just not helping you do so, either. Really, permissive is good
enough here. If you're really /actively/ concerned about it, the
barrier to disabling it completely is very low. If you're not,
permissive is enough.
Since this seems to work, I don't think we'll be making any further
changes in anaconda to support this fringe use case.
--
Peter
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
