quattor / aii

Automated Installation Infrastructure
www.quattor.org
Apache License 2.0

Disabling selinux during OS installation does not work with CentOS 7.5 #293

Closed Pansanel closed 6 years ago

Pansanel commented 6 years ago

By default, selinux is disabled during the OS installation. However, starting with CentOS 7, selinux is only disabled during the installation, but is set as enabled after the installation. It was until now a minor issue, and was probably due to the missing selinux-policy package. We can see the following line in the anaconda.log file:

ERR anaconda: Error setting selinux mode: [Errno 2] No such file or directory: '/mnt/sysimage/etc/selinux/config'

With CentOS 7.5, the issue becomes worse, as the selinux context is not set on the filesystem and it prevents systemd from starting correctly. Looking at the file context with the ls -Z command, you can see a '?' for the context for all the files. Setting the AII_OSINSTALL_SELINUX variable to permissive makes the installation succeed.

At least two solutions are available:

stdweird commented 6 years ago

Have you tried disabling selinux with ncm-grub? We have c75 hosts with selinux=0, but they were upgrades, and there's no grub-awareness in aii, so we should reinstall a node to test it.

stdweird commented 6 years ago

@Pansanel can you add

yum install -y grubby
grubby --set-args=selinux=0

to the generated ks file, right before a line that starts with yum -c /tmp/aii/yum/yum.conf (so before the kernel is installed)

ned21 commented 6 years ago

We also disable selinux via (ncm-)grub.

Pansanel commented 6 years ago

We do not need to disable SELinux. Using a permissive setup works fine. We should probably correct the way Quattor is doing the installation. I propose to fix the issue:

stdweird commented 6 years ago

Well, if selinux mode is disabled, we can set selinux=0 and keep removing the packages. But if permissive mode is used, the packages shouldn't be removed.

stdweird commented 6 years ago

if selinux is permissive, it shouldn't remove the selinux packages in current release
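
The symptoms from the opening report (the anaconda.log error about the missing SELinux config, and '?' contexts in ls -Z output) can be checked on an installed node with a few shell helpers. This is an added example, not part of the thread or of AII; the function names, the temporary file paths and the sample log and listing lines are constructed for illustration.

```shell
#!/bin/sh
# Added triage helpers; all sample input below is constructed.

# Count anaconda.log lines where the installer could not write the SELinux config.
count_selinux_config_errors() {
    awk '/Error setting selinux mode:/ && /\/etc\/selinux\/config/ { n++ }
         END { print n + 0 }' "$1"
}

# Print names from saved `ls -Z` output whose context field is "?" (unlabeled).
# Handles "mode user group context name" and "context name" layouts;
# names containing spaces are not handled.
list_unlabeled() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "?") { print $NF; next } }' "$1"
}

# Print the SELINUX= value from a config file, or "missing" if the file is absent.
selinux_config_mode() {
    [ -f "$1" ] || { echo missing; return 0; }
    sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# Constructed sample data (timestamps and file list are made up).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/anaconda.log" <<'EOF'
12:00:01,100 INFO anaconda: Running kickstart post script(s)
12:00:02,200 ERR anaconda: Error setting selinux mode: [Errno 2] No such file or directory: '/mnt/sysimage/etc/selinux/config'
EOF
cat > "$tmp/ls-Z.txt" <<'EOF'
-rw-r--r--. root root ?                            /etc/hosts
-rw-r--r--. root root system_u:object_r:etc_t:s0   /etc/fstab
drwxr-xr-x. root root ?                            /etc/systemd
EOF
printf 'SELINUX=permissive\nSELINUXTYPE=targeted\n' > "$tmp/config"

echo "config write errors: $(count_selinux_config_errors "$tmp/anaconda.log")"
echo "unlabeled entries:   $(list_unlabeled "$tmp/ls-Z.txt" | tr '\n' ' ')"
echo "configured mode:     $(selinux_config_mode "$tmp/config")"
echo "absent config:       $(selinux_config_mode "$tmp/absent")"
```

On a real node, point the helpers at the installer's anaconda.log, at saved `ls -Z` output and at /etc/selinux/config instead of the sample files.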