On 01/21/2010 12:21 PM, Bill Nottingham wrote:
We have an existing bug where if you're in single-user mode, and
SELinux is active, various commands don't print to the console. The
root of this is the single-user shell isn't running in the right
SELinux context, as there's nothing to distinguish this from the
'normal' shells run during bootup.
By far, the simplest fix is to run something that starts a shell via
a 'normal' login-ish mechanism. Hence, the attached patch that
switches to sulogin for single user mode.
Does this also fix any the various problems where /bin/login sets up
your tty but bash alone doesn't, so things like C-left and C-c don't
work right? If so, that's a very good thing.
However, this changes behavior that has existed since the dawn of
time in Red Hat/Fedora systems; with this change, single-user mode
would now require the root password. This is both when booting with
'linux single/linux S', or going to runlevel 1 with 'telinit 1'.
The only drawback I see here is that it may mean depending on nsswitch
and pam to get to a single user root shell, which means a lot more things
have to be working.
--
Peter
Obviously, a major malfunction has occurred.
-- Steve Nesbitt, voice of Mission Control, January 28, 1986