Once upon a time, Bill Nottingham <notting(a)redhat.com> said:
We have an existing bug where if you're in single-user mode, and
SELinux is active, various commands don't print to the console.
The root of this is the single-user shell isn't running in the
right SELinux context, as there's nothing to distinguish this from
the 'normal' shells run during bootup.
By far, the simplest fix is to run something that starts a shell
via a 'normal' login-ish mechanism. Hence, the attached patch
that switches to sulogin for single user mode.
One other note about this: this would break with a separate /usr and a
failure in mounting /usr, because (at least in F12) /sbin/sulogin is
linked against libfreebl3.so (which is in /usr/lib{,64}). It looks like
libfreebl3.so was moved from /lib{,64} in F11 to /usr/lib{,64} in F12,
but the changelog doesn't say why.
This is already a problem, because an fsck failure tries to start
sulogin (and if the fsck failure is on /usr, you're hosed).
I'd still prefer this to be configurable according to local policy (e.g.
use a /sbin/single-user-shell program that can try sulogin, /bin/bash,
/bin/dash, etc., possibly according to something in /etc/sysconfig).
--
Chris Adams <cmadams(a)hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.