On Fri, 07.11.14 11:30, Jan Synáček (jsyna...@redhat.com) wrote: > Hello, > > currently, when SELINUX=enforcing and SELINUXTYPE=<invalid value> are > set in /etc/selinux/config, systemd refuses to boot with > "Failed to load SELinux policy. Freezing." > > Is this really what should happen? If SELINUX is set to permissive or > disabled, though, systemd happily continues booting. I think that that's > what should happen when SELINUX is set to enforcing as well. Plus a big > warning in the log, or maybe even on the console, of course. > > What do you think?
Well, if we are in enforcing mode then this means that everything that is not OK needs to fail, and this includes the policy being corrupted or missing really. Enforcing mode is really this "super secure" mode where we'd rather hang the machine then possibly allow things to go through that might not be let through if the policy would be order... Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel