Bug 1349241
Summary: | The default setting of selinux should be enforcing. | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [oVirt] ovirt-node | Reporter: | Wei Wang <weiwang> | ||||||||
Component: | Installation & Update | Assignee: | Ryan Barry <rbarry> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Wei Wang <weiwang> | ||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | 4.0 | CC: | bugs, cshao, dfediuck, fdeutsch, huzhao, leiwang, mgoldboi, rbarry, yaniwang, ycui | ||||||||
Target Milestone: | ovirt-4.0.1 | Flags: | rule-engine:
ovirt-4.0.z+
mgoldboi: planning_ack+ fdeutsch: devel_ack+ ycui: testing_ack+ |
||||||||
Target Release: | 4.0 | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | rhev-hypervisor7-ng-4.0-20160701.1 | Doc Type: | If docs needed, set a value | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2016-08-04 13:31:25 UTC | Type: | Bug | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | Node | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Created attachment 1171231 [details]
log files
Test Version: redhat-virtualization-host-4.0-20160714.0.x86_64 imgbased-0.7.2-0.1.el7ev.noarch Test Steps: 1. Automatic install machine with kickstart file in attachment 2. After reboot, login with root account 3. Check the selinux config #cat /etc/selinux/config Result: [root@dell-op790-01 ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted The bug cannot be reproduced, so change the status to VERIFIED. Created attachment 1182312 [details]
ks for verify
|
Created attachment 1171230 [details] ks file Description of problem: The default setting of selinux should be enforcing Version-Release number of selected component (if applicable): rhev-hypervisor7-ng-4.0-20160622.1.x86_64 imgbased-0.7.0-0.1.el7ev.noarch How reproducible: 100% Steps to Reproduce: 1. Automatic install machine with kickstart file in attachment 2. After reboot, login with root account 3. Check the selinux config #cat /etc/selinux/config Actual results: The default setting of selinux is permissive Expected results: The default setting of selinux is enforcing. Additional info: