Bug 1349241
| Summary: | The default setting of selinux should be enforcing. | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [oVirt] ovirt-node | Reporter: | Wei Wang <weiwang> | ||||||||
| Component: | Installation & Update | Assignee: | Ryan Barry <rbarry> | ||||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Wei Wang <weiwang> | ||||||||
| Severity: | high | Docs Contact: | |||||||||
| Priority: | high | ||||||||||
| Version: | 4.0 | CC: | bugs, cshao, dfediuck, fdeutsch, huzhao, leiwang, mgoldboi, rbarry, yaniwang, ycui | ||||||||
| Target Milestone: | ovirt-4.0.1 | Flags: | rule-engine:
ovirt-4.0.z+
mgoldboi: planning_ack+ fdeutsch: devel_ack+ ycui: testing_ack+ |
||||||||
| Target Release: | 4.0 | ||||||||||
| Hardware: | Unspecified | ||||||||||
| OS: | Unspecified | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | rhev-hypervisor7-ng-4.0-20160701.1 | Doc Type: | If docs needed, set a value | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2016-08-04 13:31:25 UTC | Type: | Bug | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | Node | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
Created attachment 1171231 [details]
log files
Test Version:
redhat-virtualization-host-4.0-20160714.0.x86_64
imgbased-0.7.2-0.1.el7ev.noarch
Test Steps:
1. Automatic install machine with kickstart file in attachment
2. After reboot, login with root account
3. Check the selinux config
#cat /etc/selinux/config
Result:
[root@dell-op790-01 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
The bug cannot be reproduced, so change the status to VERIFIED.
Created attachment 1182312 [details]
ks for verify
|
Created attachment 1171230 [details] ks file Description of problem: The default setting of selinux should be enforcing Version-Release number of selected component (if applicable): rhev-hypervisor7-ng-4.0-20160622.1.x86_64 imgbased-0.7.0-0.1.el7ev.noarch How reproducible: 100% Steps to Reproduce: 1. Automatic install machine with kickstart file in attachment 2. After reboot, login with root account 3. Check the selinux config #cat /etc/selinux/config Actual results: The default setting of selinux is permissive Expected results: The default setting of selinux is enforcing. Additional info: