Browse Source

Merge "Force SELinux to be in permissive mode"

tags/2.4.0
Zuul 2 months ago
committed by Gerrit Code Review
parent
commit
d1d3a7e555
3 changed files with 8 additions and 2 deletions
  1. +1
    -0
      dib/ironic-python-agent-ramdisk/element-deps
  2. +1
    -2
      doc/source/admin/dib.rst
  3. +6
    -0
      releasenotes/notes/selinux-permissive-a059f42bb66373a1.yaml

+ 1
- 0
dib/ironic-python-agent-ramdisk/element-deps View File

@@ -6,5 +6,6 @@ package-installs
pip-and-virtualenv
pkg-map
runtime-ssh-host-keys
selinux-permissive
source-repositories
svc-map

+ 1
- 2
doc/source/admin/dib.rst View File

@@ -123,8 +123,7 @@ The *dynamic-login* element allows the operator to inject an SSH key at boot
time via the kernel command line parameters:

* Add ``sshkey="ssh-rsa <your public key here>"`` to ``pxe_append_params``
setting in the ``ironic.conf`` file. Disabling SELinux is required for
systems where it is enabled, it can be done with ``selinux=0``.
setting in the ``ironic.conf`` file.

.. warning:: Quotation marks around the public key are important!



+ 6
- 0
releasenotes/notes/selinux-permissive-a059f42bb66373a1.yaml View File

@@ -0,0 +1,6 @@
---
fixes:
- |
The DIB-based ramdisk is now always built with SELinux set to permissive.
Enabling SELinux may result in broken ramdisks and does not make much
sense for IPA anyway.

Loading…
Cancel
Save