I've just found one issue with the patch:
@@ -722,7 +714,6 @@ class ImageCreator(object):
kickstart.KeyboardConfig(self._instroot).apply(ksh.keyboard)
kickstart.TimezoneConfig(self._instroot).apply(ksh.timezone)
kickstart.AuthConfig(self._instroot).apply(ksh.authconfig)
- kickstart.SelinuxConfig(self._instroot).apply(ksh.selinux)
kickstart.FirewallConfig(self._instroot).apply(ksh.firewall)
kickstart.RootPasswordConfig(self._instroot).apply(ksh.rootpw)
kickstart.ServicesConfig(self._instroot).apply(ksh.services)
@@ -734,6 +725,9 @@ class ImageCreator(object):
self.__run_post_scripts()
+ # selinux should always come last
+ kickstart.SelinuxConfig(self._instroot).apply(ksh.selinux)
+
def launch_shell(self):
"""Launch a shell in the install root.
This reverts
http://git.fedorahosted.org/git/?p=livecd;a=commitdiff;h=d8c25944dde2de95...
Other issue is that pykickstart "selinux" command doesn't have --type
option
to specify the policy and lokkit. assumes "targeted" if
--selinuxtype=<type> is not specified. SelinuxConfig should not touch
SELINUXTYPE already set in /etc/selinux/config by %post script.
To avoid lokkit side-effects, I'll amend the patch to use Augeas to modify
/etc/selinux/config
Alan