On 10-01-21 12:21:45, Bill Nottingham wrote:
We have an existing bug where if you're in single-user mode, and SELinux is active, various commands don't print to the console. The root of this is the single-user shell isn't running in the right SELinux context, as there's nothing to distinguish this from the 'normal' shells run during bootup.
By far, the simplest fix is to run something that starts a shell via a 'normal' login-ish mechanism. Hence, the attached patch that switches to sulogin for single user mode.
However, this changes behavior that has existed since the dawn of time in Red Hat/Fedora systems; with this change, single-user mode would now require the root password. This is both when booting with 'linux single/linux S', or going to runlevel 1 with 'telinit 1'.
Comments?
Put SELinux into Permissive mode for single-user mode? Or just print a suggestion to do that? (I'd think that SELinux would normally be perceived as an obstacle to the normal uses of single-user mode.)