palonsoro
commented
2 years ago Opened #55 to address this
Closed palonsoro closed 1 year ago
palonsoro
commented
2 years ago Opened #55 to address this
palonsoro
commented
1 year ago Any chances this can be reviewed? This should be easy and quick to fix with attached PR.
palonsoro
commented
1 year ago Thank you very much.
On centos specific configuration script, an autorelabel is triggered only if SELinux is configured in enforcing mode[1].
However, it should be also triggered in permissive mode. The reason is that rescue environment does not have SELinux enabled, so the files it creates are unlabeled and remain unlabeled, so permissive mode would report false alerts and, what is worse, there would be failures if enforcing mode is set.
An example of a CentOS version that installs with SELinux set to permissive mode is the Centos Stream 8 version available at the time this issue is being reported.
[1] - https://github.com/hetzneronline/installimage/blob/master/centos.sh#L161