Merge "Force SELinux to be in permissive mode"

This commit is contained in:
Zuul 2020-11-09 16:53:04 +00:00 committed by Gerrit Code Review
commit d1d3a7e555
3 changed files with 8 additions and 2 deletions

View File

@ -6,5 +6,6 @@ package-installs
pip-and-virtualenv
pkg-map
runtime-ssh-host-keys
selinux-permissive
source-repositories
svc-map

View File

@ -123,8 +123,7 @@ The *dynamic-login* element allows the operator to inject an SSH key at boot
time via the kernel command line parameters:
* Add ``sshkey="ssh-rsa <your public key here>"`` to ``pxe_append_params``
setting in the ``ironic.conf`` file. Disabling SELinux is required for
systems where it is enabled, it can be done with ``selinux=0``.
setting in the ``ironic.conf`` file.
.. warning:: Quotation marks around the public key are important!

View File

@ -0,0 +1,6 @@
---
fixes:
- |
The DIB-based ramdisk is now always built with SELinux set to permissive.
Enabling SELinux may result in broken ramdisks and does not make much
sense for IPA anyway.