Drawing lessons from fatal SELinux bug #1054350
Daniel J Walsh
dwalsh at redhat.com
Fri Jan 24 19:22:13 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/24/2014 01:35 PM, Reindl Harald wrote:
>
>
> Am 24.01.2014 19:31, schrieb Reindl Harald:
>>
>> Am 24.01.2014 19:18, schrieb drago01:
>>> On Fri, Jan 24, 2014 at 7:12 PM, Fabian Deutsch <fabian.deutsch at gmx.de>
>>> wrote:
>>>> Am Freitag, den 24.01.2014, 00:55 +0100 schrieb Kevin Kofler:
>>>>> it is time to analyze the fallout from the following catastrophic
>>>>> Fedora 20 regression:
>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1054350 "rpm scriptlets
>>>>> are exiting with status 127"
>>>>
>>>> Hey,
>>>>
>>>> can't we add a default boot entry which starts the system in
>>>> permissive mode?
>>>
>>> How would that help? If a user knows enough about the issue to try it
>>> he/she could just switch to permissive mode
>>
>> in *that* case
>>
>> in a case where a broken selinux update leads in not boot at all i can
>> not imagine what i would to besides boot with a CD/DVD/USB
>
> to be clear - *i can* edit the boot-params and put selinux=0 there
>
> the average user can't but he may remember "uhm something with selinux was
> one of the last updates" and try the however named option, keep in mind
> some people own only one machine and can't google for help
>
>
>
enforcing=0 in the kernel command line will boot the machine in permissive mode.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlLivWUACgkQrlYvE4MpobOCVwCg13o4l1+JL6MkQhbEOKfXqMBx
0YcAoNnetQTwZMslI7jP1To03WwC0twi
=86Sz
-----END PGP SIGNATURE-----
More information about the devel
mailing list