-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
-
False
-
-
Red Hat Enterprise Linux
-
Unspecified
-
Unspecified
-
Unspecified
Document link:
Section number and name:
17.2.5 Disabling SELinux
Describe the issue:
As per KCS 4890471 and RHEL8.4 release note ("Runtime disabling SELinux using /etc/selinux/config is now deprecated" in https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/8.4_release_notes/index#deprecated-functionality_security), we should show procedure that disables SELinux with selinux=0 in kernel boot parameter instead of SELINUX=disabled in /etc/selinux/config.
/etc/selinux/config has been deprecated since RHEL8.4 and it has a risk to cause kernel panic as a warning mentioned in this Chapter.
Suggestions for improvement:
Currently, 17.2.5. Disabling SELinux has a Warning section and procedure on how to disable selinux with SELINUX=disabled.
I suggests that ...
- Remove the current Warning section
- Show the procedure using selinux=0 in kernel boot parameter.
- Create a new Warning section that explains /etc/selinux/config might cause kernel panic and this procedure has been already deprecated since RHEL8.4.
Additional information:
- is cloned by
-
-
- In Progress
-
-
-
- Closed
-
