fedup and selinux
Chris Murphy
lists at colorremedies.com
Tue Dec 24 19:07:32 UTC 2013
On Dec 24, 2013, at 10:48 AM, Rick Stevens <ricks at alldigital.com> wrote:
> On 12/24/2013 01:42 AM, Bill Murray issued this missive:
>> Dear all,
>> I had trouble persuading 'fedup --network 20' to run on my f19
>> laptop. It install all the files and gets ready. Then it boots and gets
>> as far as:
>>
>> [ OK ] Started trigger flushing of journal to persistent storage
>> [ OK ] Started Forward Password Requests to Plymouth
>> [ OK ] Started Forward Password Requests to Plymouth
>> [ OK] Started Recreate Volatile files and Directories
>> There are then 3 lines of selinux permission denied. But no problem,
>> selinux is set permissive anyway.
>>
>> Earlier on I see 'dracut-initqueue[400] failed to issue method call:
>> Access denied'
>>
>> However, when I add selinux=0 to the command line..installation proceeds.
>> This is very odd - selinux was in permissive mode.
>
> I've said this before and I'll say it again...permissive mode does NOT
> allow ALL access (permissive != disabled, despite what others may say).
> If you see selinux deny messages, it's still being denied. I've seen
> this bite people a number of times.
When enforcing=0 it reports denial messages, it does not enforce the denials.
http://danwalsh.livejournal.com/24537.html
http://danwalsh.livejournal.com/10972.html
You might be thinking of the application of permissive domains, which largely still causes enforcement of denials to occur.
Chris Murphy
More information about the users
mailing list