Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
SELinux settings get overwritten after reboot #2571
Container Linux Version
Swarm cluster of 2 - 10 instances running on VMWare
After executing all steps on 'https://coreos.com/os/docs/latest/selinux.html' and doing a reboot we expect that these changes are persistent. Meaning that the removed files aren't placed back in the '/etc/audit/rules.d/' directory.
All steps are followed, no issues. After reboot everything is back to it's default configuration; removed files are back in the '/etc/audit/rules.d/' directory.
Did some research on my own and saw that these rules files are linked from the read-only filesystem '/usr/share'. I suppose this is what is done during boot (https://github.com/coreos/coreos-overlay/blob/master/sys-process/audit/files/audit-rules.tmpfiles) but there should be a way to overwrite this.