SCIENTIFIC-LINUX-USERS Archives

March 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: SL 6.2 does not honor selinux kickstart option
From:
Branden Timm <[log in to unmask]>
Reply To:
Branden Timm <[log in to unmask]>
Date:
Fri, 16 Mar 2012 10:05:28 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (153 lines) 
I used the following kickstart with SL 6.2 x86_64 to produce the 
behavior, and I just noticed that there was a typo in the firewall 
directive.  Ports 22 and 442 are separated by a period, not a comma.  
Could it be that the period caused parsing issues but didn't report an 
error?

install
cdrom
lang en_US.UTF-8
keyboard us

rootpw  --iscrypted<sanitized>

firewall --enabled --port=22.443,5222
authconfig --enableshadow --passalgo=sha512
selinux --disabled

timezone --utc America/Chicago

bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"

network --bootproto=static --ip=<sanitized --netmask=255.255.255.192 --gateway=<sanitized>  --nameserver=<sanitized>  --hostname=<sanitized>  --onboot=yes
clearpart --all --initlabel

part /boot --fstype=ext4 --size=500

part pv.01 --grow --size=1

volgroup vg_base --pesize=4096 pv.01
logvol swap --name=lv_swap --vgname=vg_base --size=2048
logvol /tmp --fstype=ext4 --name=lv_tmp --vgname=vg_base --size 8096
logvol /var/log --fstype=ext4 --name=lv_log --vgname=vg_base --size 4096
logvol / --fstype=ext4 --name=lv_root --vgname=vg_base --size 10240 --grow
repo --name="Scientific Linux"  --baseurl=file:///mnt/source --cost=100

%packages
@base
@core
@perl-runtime
@scalable-file-systems
perl-DBD-SQLite
-vconfig
-sos
-wireless-tools
-system-config-network-tui
-dmraid
-tcsh
-cpuspeed
-cryptsetup-luks
-systemtap-runtime
-fprintd-pam
irqbalance
-dosfstools
-smartmontools
-rfkill
-system-config-firewall-tui
-pm-utils
-bridge-utils
-sl-release-notes
-tcpdump
-pcmciautils
-hunspell
-b43-fwcutter
-aic94xx-firmware
-atmel-firmware
-bfa-firmware
-ipw2100-firmware
-ipw2200-firmware
-ivtv-firmware
-iwl1000-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6050-firmware
-kernel-firmware
-libertas-usb8388-firmware
-ql2100-firmware
-ql2200-firmware
-ql23xx-firmware
-ql2400-firmware
-ql2500-firmware
-rt61pci-firmware
-rt73usb-firmware
-xorg-x11-drv-ati-firmware
-zd1211-firmware
#------------------------------------------------------------------------------

%post
yum -y install yum-conf-epel
yum -y update
%end

I confirmed that /root/anaconda-ks.cfg also contained "selinux --disabled".

--
Branden Timm
[log in to unmask]

On 3/15/2012 11:24 AM, Pat Riehecky wrote:
> On 03/15/2012 10:49 AM, Branden Timm wrote:
>> Greetings,
>>   I want to report a possible bug that I've noticed in the past few 
>> days.  It seems the "selinux" kickstart option is not honored by 
>> anaconda in SL 6.2.  My kickstart file contains:
>>
>> selinux --disabled
>>
>> Yet after install, I notice that /etc/sysconfig/selinux still contains:
>>
>> SELINUX=enforcing
>>
>> I searched the list archives and didn't see this reported before.
>>
>> -- 
>> Branden Timm
>> [log in to unmask]
>
> I'm unable to replicate this behavior.  Tested SL6.2 i386 with the 
> following kickstart file:
>
> install
> cdrom
>
> rootpw password
>
> lang en_US.UTF-8
> keyboard us
> network --onboot yes --device eth0 --bootproto dhcp --noipv6
> firewall --disabled
> selinux --disabled
> authconfig --enableshadow --passalgo=sha512
> timezone --utc America/Chicago
> reboot
>
> bootloader --location=mbr --driveorder=vda
>
> part / --fstype=ext4 --onpart=vda1
> part swap --onpart=vda2
>
> %packages
> @core
> @base
> @misc-sl
> redhat-lsb
> SL_password_for_singleuser
>
>
> Pat
>
>

ATOM RSS1 RSS2