[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: selinux rant, compressed version (Was Re: kernels won't boot)

On Thu, 03 Jan 2008 17:07:33 -0500
Daniel J Walsh <dwalsh redhat com> wrote:

> Jesse, what problems are you seeing that needs to run in permissive
> mode?  I know about the chroot environments and there is not a good
> answer to this. Placing of the file context down without loading the
> SELInux policy would help in this environment.  But we would still
> have problems with applications running in post install, not getting
> the correct context.

What I've seen is if selinux is in enforcing part of the compose
process will fail in such a way that selinux will default to /off/ for
the resulting composed media (funny eh?).  I think it had something to
do with a denial, but the memory is hazy.  But since most of my
composing involves A) mock for the initial compose environment (that's
one chroot) and B) buildinstall itself creating an install root to
populate stage1/2 contents (that's two chroots) I kind of feel I'm out
in left field.

Jesse Keating
Fedora -- All my bits are free, are yours?

Attachment: signature.asc
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]