Charlie Brune
2015-May-25 20:32 UTC
[CentOS] "selinux --disabled" in kickstart file does NOT disable SELINUX
Has the "selinux --disabled" line for kickstart files been depreciated? ? ? My CentOS 6.6 kickstart file contains the line: selinux --disabled After the install completes, SELinux is enabled instead of disabled. /etc/selinux/config contains "SELINUX=enforcing" instead of "SELINUX=disabled". ? Thanks, Charlie
Rob Kampen
2015-May-26 02:40 UTC
[CentOS] "selinux --disabled" in kickstart file does NOT disable SELINUX
On 05/26/2015 08:32 AM, Charlie Brune wrote:> Has the "selinux --disabled" line for kickstart files been depreciated? > > > > My CentOS 6.6 kickstart file contains the line: > > > > selinux --disabled > > After the install completes, SELinux is enabled instead of disabled. >I believe this has been the default since at least 6.1 - the version I installed on my workstation about three years ago. It came up at first reboot with selinux enforcing. Unlike CentOS 5.x where I used selinux in permissive mode only, I have found 6.x seems to work just fine with enforcing mode provided one sets and uses the appropriate selinux booleans that are in place for the packages and work scenario that one needs. As far as I recall, I have only had one or two situations where I've had to follow the the audittoallow instructions.> /etc/selinux/config contains "SELINUX=enforcing" instead of "SELINUX=disabled". > > > Thanks, > > Charlie > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
Andrew Holway
2015-May-26 05:49 UTC
[CentOS] "selinux --disabled" in kickstart file does NOT disable SELINUX
To set selinux to permissive or disabled mode during a kickstart installation, add the sed -i -e 's/\(^SELINUX=\).*$/\1permissive/' /etc/selinux/config command to the %post section of the kickstart file. Making sure to replace "permissive" with the required selinux mode. -- https://bugzilla.redhat.com/show_bug.cgi?id=435300 On 26 May 2015 at 04:40, Rob Kampen <rkampen at kampensonline.com> wrote:> On 05/26/2015 08:32 AM, Charlie Brune wrote: > >> Has the "selinux --disabled" line for kickstart files been depreciated? >> >> My CentOS 6.6 kickstart file contains the line: >> >> >> selinux --disabled >> >> After the install completes, SELinux is enabled instead of disabled. >> >> I believe this has been the default since at least 6.1 - the version I > installed on my workstation about three years ago. > It came up at first reboot with selinux enforcing. > Unlike CentOS 5.x where I used selinux in permissive mode only, I have > found 6.x seems to work just fine with enforcing mode provided one sets and > uses the appropriate selinux booleans that are in place for the packages > and work scenario that one needs. As far as I recall, I have only had one > or two situations where I've had to follow the the audittoallow > instructions. > > /etc/selinux/config contains "SELINUX=enforcing" instead of >> "SELINUX=disabled". >> >> Thanks, >> >> Charlie >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
Possibly Parallel Threads
- "selinux --disabled" in kickstart file does NOT disable SELINUX
- "selinux --disabled" in kickstart file does NOT disable SELINUX
- "selinux --disabled" in kickstart file does NOT disable SELINUX
- "selinux --disabled" in kickstart file does NOT disable SELINUX
- "selinux --disabled" in kickstart file does NOT disable SELINUX