SELinux - copying ISO file content
Jon Masters
jonathan at jonmasters.org
Tue Oct 7 13:42:25 UTC 2008
On Mon, 2008-10-06 at 15:17 -0500, Jerry Vonau wrote:
> Daniel J Walsh wrote:
> > Jon Masters wrote:
> >> On Fri, 2008-10-03 at 09:13 -0400, Daniel J Walsh wrote:
> >>
> >>>> $ mount -o loop Fedora-9-i386-DVD.iso /mnt
> >>>>
> >>>> And then one might legitimately expect to be able to copy the content
> >>>> of /mnt over to e.g. /somewhere/fedora/9/i386 for NFS installs. But
> >>>> suppose that one is running SELinux in enforcing mode, then this will
> >>>> fail because the contexts differ in this operation. Then, one will
> >>>> likely quickly become severely annoyed and frustrated with SELinux,
> >>>> simply setting it permissive for the duration of the operation...
>
> I've seen this...
Indeed. I have too, one too many times.
> SELinux is preventing cp from creating a file with a context of
> iso9660_t on a
> filesystem.
Ah yes, I probably used the standard "cp -ax blah /blah" command. I
guess I'll need to learn not to use such standard commands in future and
adapt everything around SELinux. Because that's very non-obtrusive, and
won't cause regular users any anguish at all.
Jon.
More information about the fedora-devel-list
mailing list