Resolves bz971279
Description of problem:
Previously with selinux in enforcing mode, could prevent ssh-keygen from
generating keys. Support for selinux policy for allowing applications to
access ssh-keygen for generating ssh keys was added in
selinux-policy-3.7.19-126.el6_2.6.
Solutions:
Because of the context was added for ssh key generation, so the keys were
generated without fliping from enforcing mode to permissive mode for ssh
key generation. This patch removes selinux code which switches between
enforcing and permissive modes.
Signed-off-by: arthur <zzou(a)redhat.com>
---
kdumpctl | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/kdumpctl b/kdumpctl
index 46ae633..d27557a 100755
--- a/kdumpctl
+++ b/kdumpctl
@@ -317,13 +317,6 @@ function propagate_ssh_key()
exit 1
fi
- #Check if selinux is on... must flip to permissive mode
- #for the moment to create key, then flip back...
- se_enforce=`/usr/sbin/sestatus | grep -c "^Current mode.*enforcing"`
- if [ "$se_enforce" -ge 1 ]; then
- /usr/sbin/setenforce 0 2>&1 > /dev/null
- fi
-
local KEYFILE=$SSH_KEY_LOCATION
local errmsg="Failed to propagate ssh key"
@@ -336,11 +329,6 @@ function propagate_ssh_key()
echo "done."
fi
- #If necessary, flip selinux back to enforcing
- if [ "$se_enforce" -ge 1 ]; then
- /usr/sbin/setenforce 1 2>&1 > /dev/null
- fi
-
#now find the target ssh user and server to contact.
SSH_USER=`echo $DUMP_TARGET | cut -d\ -f2 | cut -d@ -f1`
SSH_SERVER=`echo $DUMP_TARGET | sed -e's/\(.*(a)\)\(.*$\)/\2/'`
--
1.8.4.2
Show replies by date