From 424ebb42ecbfc200241d4b619817a5e92e70f2ea Mon Sep 17 00:00:00 2001
From: Hongbin Lu <hongbin.lu@huawei.com>
Date: Mon, 7 Mar 2016 18:54:33 -0500
Subject: [PATCH] Revert "Turn selinux back on after cloud-init"

This reverts commit cf85c5ac03637a4e290ccc1eab404efb49e59a88.

The kube-scheduler failed to spin up after that commit. As a result,
the k8s bay is not functioning. I would suggest to revert that
commit first if we cannot figure out a quick fix.

Closes-Bug: #1551648
Change-Id: If7f8164368be3eec39f9a795a5e7748af68a6f48
---
 magnum/templates/kubernetes/fragments/disable-selinux.sh      | 4 ++++
 .../templates/kubernetes/fragments/enable-services-master.sh  | 2 --
 .../templates/kubernetes/fragments/enable-services-minion.sh  | 2 --
 magnum/templates/swarm/fragments/disable-selinux.sh           | 4 ++++
 magnum/templates/swarm/fragments/enable-services.sh           | 2 --
 5 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/magnum/templates/kubernetes/fragments/disable-selinux.sh b/magnum/templates/kubernetes/fragments/disable-selinux.sh
index 49e9dc79a8..888c0e4467 100644
--- a/magnum/templates/kubernetes/fragments/disable-selinux.sh
+++ b/magnum/templates/kubernetes/fragments/disable-selinux.sh
@@ -2,3 +2,7 @@
 #!/bin/sh
 
 setenforce 0
+
+sed -i '
+  /^SELINUX=/ s/=.*/=permissive/
+' /etc/selinux/config
diff --git a/magnum/templates/kubernetes/fragments/enable-services-master.sh b/magnum/templates/kubernetes/fragments/enable-services-master.sh
index ddf55809d2..cc13a02c15 100644
--- a/magnum/templates/kubernetes/fragments/enable-services-master.sh
+++ b/magnum/templates/kubernetes/fragments/enable-services-master.sh
@@ -9,5 +9,3 @@ for service in etcd docker kube-apiserver kubelet; do
     systemctl enable $service
     systemctl --no-block start $service
 done
-
-setenforce 1
diff --git a/magnum/templates/kubernetes/fragments/enable-services-minion.sh b/magnum/templates/kubernetes/fragments/enable-services-minion.sh
index 79596a420d..0253a37351 100644
--- a/magnum/templates/kubernetes/fragments/enable-services-minion.sh
+++ b/magnum/templates/kubernetes/fragments/enable-services-minion.sh
@@ -15,5 +15,3 @@ for service in docker kubelet; do
     systemctl enable $service
     systemctl --no-block start $service
 done
-
-setenforce 1
diff --git a/magnum/templates/swarm/fragments/disable-selinux.sh b/magnum/templates/swarm/fragments/disable-selinux.sh
index 49e9dc79a8..888c0e4467 100644
--- a/magnum/templates/swarm/fragments/disable-selinux.sh
+++ b/magnum/templates/swarm/fragments/disable-selinux.sh
@@ -2,3 +2,7 @@
 #!/bin/sh
 
 setenforce 0
+
+sed -i '
+  /^SELINUX=/ s/=.*/=permissive/
+' /etc/selinux/config
diff --git a/magnum/templates/swarm/fragments/enable-services.sh b/magnum/templates/swarm/fragments/enable-services.sh
index 1c7ed9790a..d0f064e403 100644
--- a/magnum/templates/swarm/fragments/enable-services.sh
+++ b/magnum/templates/swarm/fragments/enable-services.sh
@@ -7,5 +7,3 @@ for service in $NODE_SERVICES; do
     systemctl enable $service
     systemctl --no-block start $service
 done
-
-setenforce 1