From b6e0ba2e451d828eedd75647a0049a1051eef758 Mon Sep 17 00:00:00 2001 From: "Brian C. Lane" Date: Thu, 3 May 2018 16:49:34 -0700 Subject: [PATCH] Add selinux check to lorax-composer anaconda needs to have SELinux set to disabled or permissive in order to run correctly. Check at startup and exit with an error. --- src/sbin/lorax-composer | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/sbin/lorax-composer b/src/sbin/lorax-composer index a5af4a6b..1a62f6d6 100755 --- a/src/sbin/lorax-composer +++ b/src/sbin/lorax-composer @@ -28,6 +28,7 @@ import argparse import grp import os import pwd +import selinux import sys import subprocess from threading import Lock @@ -178,6 +179,9 @@ if __name__ == '__main__': except KeyError: errors.append("Missing group '%s'" % opts.group) + if selinux.is_selinux_enabled() and selinux.security_getenforce(): + errors.append("selinux must be disabled or in Permissive mode.") + # No point in continuing if there are uid or gid errors if errors: for e in errors: