Proposed F19 Feature: Dracut HostOnly
Harald Hoyer
harald.hoyer at gmail.com
Fri Feb 1 10:32:25 UTC 2013
Am 29.01.2013 17:20, schrieb John Reiser:
>>>> A generic fallback image should be
>>>> installed by anaconda on installation/update and never ever be
>>>> removed.
>
>> Also, fallback has interesting security properties…
>
>
> "Rescue mode" forces a SELinux relabel at the next boot, and relabel
> can take a very long time.
>
> How does "fallback mode" handle this, particularly if there have been
> updates to SELinux policy after the fallback was created?
>
The "rescue" initramfs and all initramfs in general do _not_ carry any selinux
policies. These are turned on later on the real root. Nothing changes here.
More information about the devel
mailing list