[RFC PATCH] use sulogin in single-user mode
Bruno Wolff III
bruno at wolff.to
Fri Jan 22 18:29:11 UTC 2010
On Fri, Jan 22, 2010 at 13:15:04 -0500,
Tony Nelson <tonynelson at georgeanelson.com> wrote:
>
> Put SELinux into Permissive mode for single-user mode? Or just print a
> suggestion to do that? (I'd think that SELinux would normally be
> perceived as an obstacle to the normal uses of single-user mode.)
I think doing it automatically is a bad idea. It doesn't save much over typing
"setenforce 0". It does however reduce the security of the system if you
do it by default and there is a vulnerable window before you get
"setenforce 1" entered.
The notice seems odd, but I don't think it would cause actual problems. I
just think it would be odd to know to boot to run level 1 without knowing
how to set selinux to permissive mode.
More information about the devel
mailing list