[Lxc-users] centos6 container and root login
olx69
ope-linux at gmx.de
Tue Oct 23 18:03:33 UTC 2012
>> > to be more precise, I've got after root/passwd phrase the option:
>> >
>> > Would you like to enter a security context? [N]
>>
>> Looks like selinux problem? Can you try disabling selinux in the host
>> (and possibly in the guest as well) with "setenforce 0".
>
>FWIW in my experience doing setenforce 0 in the host isn't enough for
>the guest to think selinux is disabled since
>libselinux::is_selinux_enabled() in the guest will
>check /proc/filesystems and see selinuxfs, thus reporting that it is
>on. (ie. check the output of sestatus in the guest). I had to disable
>it and reboot to make the guest think it is not enabled.
How to disable it in that manner?
In the container I did install policycoreutils (as shown at
http://wiki.1tux.org/wiki/Centos6/Installation/Minimal_installation_using_yum
I have only centos-release and the essential packages) and have
# echo 0 >selinux/enforce
# cat etc/selinux/config
SELINUX=disabled
in the the lxc container I can do now
[root at pgsql ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: disabled
Policy version: 24
Policy from config file: targeted
which disables selinux obviously.
BTW, for root login all what I did was to disable all
pam_selinux.so pam_loginuid.so lines in /etc/pam.d/login !
More information about the lxc-users
mailing list