Description of problem: A kickstart "%post" script executes "passwd -d username" and fails if selinux is disabled. Strace shows that selinux is not only reading /etc/sysconfig/selinux, but also /proc/mounts and other files instead of continuing normally with selinux disabled. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Are you sure this is an SELinux problem. is_selinux_enabled() is attempting to check the /proc/mounts to see if it is enabled. is_selinux_enabled() will return 0 if it not enabled, or -1 if it can't tell. The passwd code looks to correctly handle the code if is_selinux_enabled() does not return > 0. So I don't think this is an SELinux error. Changing to passwd.
passwd-0.73 should now correctly proceed when is_selinux_enabled() returns 0 or -1; I don't understand how could this be a passwd problem. Could you please attach the strace here?
This should give the strace output (no machine available right now to show this); %post strace -o /tmp/selinux-passwd passwd -d root
Should not be in new, probably fixed already. regards, Florian La Roche