3:19 p.m.
I'm using the ovirt iso image and can't seem to get selinux to persist off
no matter what i do.
With selinux enforcing, SSHD isnt working, can't install or use the hosts.
With it disabled, all seems to work, but after reboot, boom its enforcing
again.
I even edited /etc/selinux/config and changed it to permissive, then used
"persist config" to persist the file. I reboot, I see the file is still
changed, but selinux is back into enforcing mode (getenforce)
what gives?
I'm using this iso image, is this the latest one? It seems really hard to
navigate the various old links in docs and such to find the most up to date
isos.
ovirt-node-iso-3.0.3-1.1.vdsm.fc19.iso
3:22 p.m.
heh, all the directories here, alpha, beta, nightly, stable, all have the
same image file versions?
http://resources.ovirt.org/releases/node-base/
On Fri, Feb 14, 2014 at 12:19 PM, David Smith <dsmith(a)mypchelp.com> wrote:
4:13 a.m.
Hi David,
Currently I'm testing with
http://fedorapeople.org/~fabiand/node/3.0.4/ovirt-node-iso-3.0.4-1.0.2014...
from http://wiki.ovirt.org/OVirt_3.4_TestDay.
I don't know why fabian has it on his own page.
If you put enforcing=0 in the kernel options when installing it sets
selinux to permissive... at least in my environment
Kind regards,
Jorick Astrego
On Fri, 2014-02-14 at 12:22 -0800, David Smith wrote:
2:09 a.m.
--=-93zUpg8Nw+hApqJ3QWW+
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hey David,
Am Freitag, den 14.02.2014, 12:19 -0800 schrieb David Smith:
(There is a new ISO to try - see below)
Yes - that file is one of the files which "don't work as expected" when
you persist them. This is because that file would be needed very early
in the boot process, but isn't available by then.
You can set SELinux into permissive mode by appending
enforcing=3D0
to the kernel cmdline when you boot the host.
And you can totally disable it using
selinux=3D0
See also:
http://www.ovirt.org/Node_Troubleshooting#SELinux
That image is quite old, but we are in progress of finally publishing a
new ISOs on ressources.ovirt.org.
Candidates which you can also try - and are much more up to date, and
also include SELinux fixes - can be found here:
http://fedorapeople.org/~fabiand/node/3.0.4/
- fabian
--=-93zUpg8Nw+hApqJ3QWW+
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
--=-93zUpg8Nw+hApqJ3QWW+--
4038
days inactive
4045
days old
4 comments
3 participants
participants (3)
-
David Smith -
Fabian Deutsch -
Jorick Astrego