Re: VM templates can't run with SELinux enabled

I tried but without sucess ... because of Kernel panic and the VM can't boot. It can boot only with SELinux disabled.

Мариан Игнев

Modify /etc/sysconfig/selinux and set SELINUX=permissive prior to creating the template. When you restore from the template, /var/log/audit/audit.log should have a record of what failed on boot (may need to run it through audit2allow or something to make sense of it). Then let your hypervisor know that it is being very naughty.

So i have the following situation. I have my own private PaaS. During the process of testing many times I break everything and reinstalling the PaaS after that. One day a great idea just hit me ... to make template of the virtual machine :) ... but of course the problems just came after the first try to restore from that template :)

After restoring from the template the VM didn't run ... after some time I realized that the problem is because of SELinux. Because when the hypervisor creates new machine or rebuild it, changes a lot of things that is protected by the SELinux.

For example all files in:
/etc/shadow (because of new root password)
/etc/hostname and many others.

So i have an option to run VM in recovery mode to stop SELinux for example (I realized that the problem was his).

When I am i recovery mode and try to view chaged files with ausearch but he told me that noting there, because the audit log is empty and i can't find what files are smeared.

Do you have amy ideas how can i handle this?

