This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 472123 - "selinux=off" boot parametr not recognized by kernel 2.6.27.5-37.fc9 and selinux-policy 3.3.1-107.fc9
"selinux=off" boot parametr not recognized by kernel 2.6.27.5-37.fc9 and seli...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
9
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Eric Paris
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-11-18 15:43 EST by Met Merilius
Modified: 2008-11-18 16:23 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-11-18 16:23:26 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Met Merilius 2008-11-18 15:43:31 EST
Description of problem:
System does not recognise boot parameter "selinux=off". The SELinux mode is determined instead from config files.


Version-Release number of selected component (if applicable):
kernel-PAE.i686                          2.6.27.5-37.fc9 
selinux-policy.noarch                    3.3.1-107.fc9
selinux-policy-targeted.noarch           3.3.1-107.fc9 


How reproducible:
Always


Steps to Reproduce:
1. install kernel-PAE-2.6.27.5-37.fc9.i686
2. append "selinux=off" to grub.conf for this kernel
3. boot the new kernel
  
Actual results:
SELinux policy is not overridden by a boot parameter. The configured policy in /etc/selinux is used instead. With combination of a F9 analog of bug https://bugzilla.redhat.com/show_bug.cgi?id=468645 when selinux was never enabled before it leads to impossibility of logging in.


Expected results:
SELinux is disabled when "selinux=off" is specified as a boot param.


Additional info:
On kernel version kernel-PAE-2.6.26.6-79.fc9.i686 and previous ones problem has never occurred. (Same selinux-version used.)
Didn't try put "enforcing" parameter instead.
Comment 1 James Morris 2008-11-18 16:23:26 EST
The selinux parameter takes 0 or 1 as arguments.

See Documentation/kernel-parameters.txt in the kernel source tree.

Note You need to log in before you can comment on or make changes to this bug.