cobbler: Set SELinux = enforcing by default

Requested by downstream QE.  This shouldn't be an issue since only
downstream QE needs SELinux in Enforcing mode.  They don't use
ceph-cm-ansible which sets it to Permissive in the testnodes role.

Fixes: http://tracker.ceph.com/issues/37338
Signed-off-by: David Galloway <dgallowa@redhat.com>

diff --git a/roles/cobbler/templates/kickstarts/cephlab_rhel.ks b/roles/cobbler/templates/kickstarts/cephlab_rhel.ks
index 03f8b0ff7d6f07434f3286bbda45a7d01e063489..2c6ff565e81b896c7b26fb243934f3337670f0aa 100644 (file)
--- a/roles/cobbler/templates/kickstarts/cephlab_rhel.ks
+++ b/roles/cobbler/templates/kickstarts/cephlab_rhel.ks
@@ -29,7 +29,7 @@ reboot
 #Root password
 rootpw --iscrypted $default_password_crypted
 # SELinux configuration
-selinux --permissive
+selinux --enforcing
 # Do not configure the X Window System
 skipx
 # System timezone

diff --git a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks
index 3e4c43424f0ed24cc1e7b7f6e2c338b820f60948..8a7de9a8654b086611c86a2571430fd31c6fca53 100644 (file)
--- a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks
+++ b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks
@@ -43,7 +43,7 @@ reboot
 #Root password
 rootpw --iscrypted $default_password_crypted
 # SELinux configuration
-selinux --permissive
+selinux --enforcing
 # Do not configure the X Window System
 skipx
 # System timezone