livecd-creator and selinux, status at the end of week 1

Eric Paris eparis at redhat.com
Mon May 19 13:34:46 UTC 2008


On Mon, 2008-05-19 at 09:11 -0400, David Huff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Eric Paris wrote:
> | I've spent pretty much all week flailing around try to get
> | livecd-creator working with selinux enforcing with F10 as both the host
> | and the image.  Next week begins the journey of working on making old
> | composes work on F10.  Where do I stand?  Well, it seems to work!  I
> | booted an image and logged in.
> |
> 
> 
> I have seen similar issues with the appliance-tools Im working on
> (thincrust.net).  On thing I have noticed is that kickstart.py only
> likes crypted passwds, so make sure you use the --iscrytped option in
> the ks file.
> 
> I have also noticed another problem, if you set selinux disabled via the
> kickstart and try to set no root passwd, by excluding a rootpw
> line in the ks, you get an error similar too:
> 
> "only root can do that"
> 
> I think this is due to selinux context on the host you are
> building the image on.   I saw this running a F9 client on a F9 host,
> from your post on Friday, I will try generating a rwahide image on a
> rawhide host and see if I have similar results.

If you wouldn't mind opening a BZ, for now lets open it against
libselinux assign it to me and let me know all of the problems you have
run into involving passwd. I think I understand all of that cruft now.
-Eric




More information about the fedora-devel-list mailing list