Bug 156766

Summary: implementatoin of setenforce 0 broken
Product: [Fedora] Fedora Reporter: Jonathan S. Shapiro <shap>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-05-06 00:36:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jonathan S. Shapiro 2005-05-04 05:12:29 UTC 
problem:

  setenforce 0 does not fully disable selinux

repeat by:

  create an empty directory somewhere, say, /mumble
  setenforce 0
  yum --installroot=/mumble groupinstall Base

watch all of the postinstall scripts fail

Which begs the question: why does selinux mishandle chroot environments this way
(subject of another bug report).
Comment 1 Jonathan S. Shapiro 2005-05-06 00:36:40 UTC 
I have a better understanding of what was happening with this example, and I
think the bug should be closed. Certainly, it's not high priority. I'm closing
it accordingly.