SELinux settings get overwritten after reboot
Issue Report
Bug
Container Linux Version
NAME="Container Linux by CoreOS"
ID=coreos
VERSION=2051.2.0
VERSION_ID=2051.2.0
BUILD_ID=2019-03-11-0556
PRETTY_NAME="Container Linux by CoreOS 2051.2.0 (Rhyolite)"
ANSI_COLOR="38;5;75"
HOME_URL="https://coreos.com/"
BUG_REPORT_URL="https://issues.coreos.com"
COREOS_BOARD="amd64-usr"
Environment
Swarm cluster of 2 - 10 instances running on VMware
Expected Behavior
After executing all steps on 'https://coreos.com/os/docs/latest/selinux.html' and doing a reboot we expect that these changes are persistent. Meaning that the removed files aren't placed back in the '/etc/audit/rules.d/' directory.
Actual Behavior
All steps are followed, no issues. After reboot everything is back to its default configuration; removed files are back in the '/etc/audit/rules.d/' directory.
Reproduction Steps
- Follow the steps on 'https://coreos.com/os/docs/latest/selinux.html'
- Reboot the CoreOS instance
- Check the files in the '/etc/audit/rules.d/' directory
Other Information
Did some research on my own and saw that these rules files are linked from the read-only filesystem '/usr/share'. I suppose this is what is done during boot (https://github.com/coreos/coreos-overlay/blob/master/sys-process/audit/files/audit-rules.tmpfiles) but there should be a way to overwrite this.
Run sudo ln -s /dev/null /etc/tmpfiles.d/audit-rules.conf
to disable it.
This does indeed make it persistent, thank you! Is this documented anywhere?
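A way to confirm after a reboot that the mask from the thread is the fragment in effect and that no vendor rule links have reappeared, as an added example that is not part of the original issue or of Container Linux itself. It assumes the vendor fragment is installed under the name audit-rules.conf (the name used in the masking command above) and follows the tmpfiles.d search order /etc, /run, /usr/lib; the function names and the optional ROOT argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original issue). Function names are hypothetical.

# tmpfiles_effective NAME [ROOT]
#   NAME  fragment file name, e.g. audit-rules.conf (assumed installed name)
#   ROOT  optional alternate root, for checking a scratch tree or mounted image
# Prints one of:
#   "masked <path>"   highest-priority fragment is /dev/null or empty
#   "active <path>"   highest-priority fragment has content and will be applied
#   "dangling <path>" symlink with a missing target; inspect by hand (returns 2)
#   "absent"          no fragment with that name exists (returns 1)
tmpfiles_effective() {
    name=$1
    root=${2:-}
    # tmpfiles.d precedence: /etc overrides /run, which overrides /usr/lib.
    for dir in /etc/tmpfiles.d /run/tmpfiles.d /usr/lib/tmpfiles.d; do
        path="$root$dir/$name"
        if [ -L "$path" ] && [ ! -e "$path" ]; then
            echo "dangling $path"
            return 2
        fi
        [ -e "$path" ] || continue
        # -s follows symlinks; /dev/null and empty files both have size 0.
        if [ -s "$path" ]; then
            echo "active $path"
        else
            echo "masked $path"
        fi
        return 0
    done
    echo "absent"
    return 1
}

# audit_rules_vendor_links [ROOT]
# Lists entries in /etc/audit/rules.d that are symlinks into /usr/share,
# i.e. the links the issue reports as coming back after a reboot.
audit_rules_vendor_links() {
    root=${1:-}
    for f in "$root"/etc/audit/rules.d/*; do
        [ -L "$f" ] || continue
        case "$(readlink "$f")" in
            /usr/share/*) echo "$f" ;;
        esac
    done
}
```

On a host where the mask is in place, `tmpfiles_effective audit-rules.conf` should report `masked /etc/tmpfiles.d/audit-rules.conf`, and `audit_rules_vendor_links` should print nothing once the unwanted links have been removed.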