Skip to content

Reboot to change selinux state #48

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 18, 2021
Merged

Reboot to change selinux state #48

merged 1 commit into from
Mar 18, 2021

Conversation

sjpb
Copy link
Collaborator

@sjpb sjpb commented Mar 17, 2021

Handle SELinux state changes which require reboots to take effect (e.g. enabled to disabled)

jovial
jovial reviewed Mar 17, 2021
View reviewed changes
Copy link
Collaborator

@jovial jovial left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we use setenforce 0 to avoid the reboot?

@sjpb
Copy link
Collaborator Author

sjpb commented Mar 18, 2021
edited
Loading

Could we use setenforce 0 to avoid the reboot?

Hmm it'd be neat - I guess only if reboot is required (then don't actually reboot). However on one environment it turned out setting permissive != disabled so this might give us a state which doesn't match the rebooted state. Maybe I'd rather take the hit on rebooting if its necessary for predictable behaviour.

@jovial
Copy link
Collaborator

jovial commented Mar 18, 2021

Could we use setenforce 0 to avoid the reboot?

Hmm it'd be neat - I guess only if reboot is required (then don't actually reboot). However on one environment it turned out setting permissive != disabled so this might give us a state which doesn't match the rebooted state. Maybe I'd rather take the hit on rebooting if its necessary for predictable behaviour.

Good point, agreed that rebooting is the cleanest solution here.

@sjpb sjpb merged commit 36deefa into main Mar 18, 2021
@sjpb sjpb deleted the fix/selinux branch March 18, 2021 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jovial jovial jovial approved these changes

Assignees

@jovial jovial

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sjpb @jovial