FC2 useradd in chroot on FC5 host with SELinux
Paul Howarth
paul at city-fan.org
Thu Jul 13 15:53:14 UTC 2006
Daniel J Walsh wrote:
> Paul Howarth wrote:
>> I use mock to build packages for old distributions in a chroot-ed
>> environment on my FC5 box. I've pretty well got this working for all old
>> distributions now apart from FC2 (see
>> http://www.fedoraproject.org/wiki/Legacy/Mock). On FC2, the process gets
>> off to quite a good start, installing the following packages into the
>> chroot:
>>
>> =============================================================================
>>
>> Package Arch Version Repository
>> Size
>> =============================================================================
>>
>> Installing:
>> buildsys-build noarch 0.5-1.CF.fc2 groups
>> 1.8 k
>> Installing for dependencies:
>> SysVinit i386 2.85-25 core
>> 96 k
>> basesystem noarch 8.0-3 core
>> 2.7 k
>> bash i386 2.05b-38 core
>> 1.5 M
>> beecrypt i386 3.1.0-3 core
>> 64 k
>> binutils i386 2.15.90.0.3-5 core
>> 2.8 M
>> buildsys-macros noarch 2-2.fc2 groups
>> 2.1 k
>> bzip2 i386 1.0.2-12.1 core
>> 48 k
>> bzip2-libs i386 1.0.2-12.1 core
>> 32 k chkconfig i386 1.3.9-1.1 core
>> 99 k
>> coreutils i386 5.2.1-7 core
>> 2.8 M
>> cpio i386 2.5-6 core
>> 45 k
>> cpp i386 3.3.3-7 core
>> 1.4 M
>> cracklib i386 2.7-27.1 core
>> 26 k
>> cracklib-dicts i386 2.7-27.1 core
>> 409 k
>> db4 i386 4.2.52-3.1 core
>> 1.5 M
>> dev i386 3.3.13-1 core
>> 3.6 M
>> diffutils i386 2.8.1-11 core
>> 205 k
>> e2fsprogs i386 1.35-7.1 core
>> 728 k
>> elfutils-libelf i386 0.95-2 core
>> 36 k
>> ethtool i386 1.8-3.1 core
>> 48 k
>> fedora-release i386 2-4 core
>> 92 k
>> file i386 4.07-4 core
>> 242 k
>> filesystem i386 2.2.4-1 core
>> 18 k
>> findutils i386 1:4.1.7-25 core
>> 102 k
>> gawk i386 3.1.3-7 core
>> 1.5 M
>> gcc i386 3.3.3-7 core
>> 3.8 M
>> gcc-c++ i386 3.3.3-7 core
>> 2.0 M
>> gdbm i386 1.8.0-22.1 core
>> 26 k
>> glib i386 1:1.2.10-12.1.1 core
>> 134 k
>> glib2 i386 2.4.8-1.fc2 updates-released
>> 477 k
>> glibc i686 2.3.3-27.1 updates-released
>> 4.9 M
>> glibc-common i386 2.3.3-27.1 updates-released
>> 14 M
>> glibc-devel i386 2.3.3-27.1 updates-released
>> 1.9 M
>> glibc-headers i386 2.3.3-27.1 updates-released
>> 530 k
>> glibc-kernheaders i386 2.4-8.44 core
>> 697 k
>> grep i386 2.5.1-26 core
>> 168 k
>> gzip i386 1.3.3-12.2.legacy updates-released
>> 88 k
>> info i386 4.7-4 updates-released
>> 147 k
>> initscripts i386 7.55.2-1 updates-released
>> 906 k
>> iproute i386 2.4.7-14 core
>> 591 k
>> iputils i386 20020927-13 core
>> 92 k
>> less i386 382-3 core
>> 85 k
>> libacl i386 2.2.7-5 core
>> 15 k
>> libattr i386 2.4.1-4 core
>> 8.6 k
>> libgcc i386 3.3.3-7 core
>> 33 k
>> libselinux i386 1.11.4-1 core
>> 45 k
>> libstdc++ i386 3.3.3-7 core
>> 240 k
>> libstdc++-devel i386 3.3.3-7 core
>> 1.3 M
>> libtermcap i386 2.0.8-38 core
>> 12 k
>> make i386 1:3.80-3 core
>> 337 k
>> mingetty i386 1.07-2 core
>> 18 k
>> mktemp i386 2:1.5-7 core
>> 12 k
>> modutils i386 2.4.26-16 core
>> 395 k
>> ncurses i386 5.4-5 core
>> 1.5 M
>> net-tools i386 1.60-25.1 updates-released
>> 311 k
>> pam i386 0.77-40 core
>> 1.9 M
>> patch i386 2.5.4-19 core
>> 61 k
>> pcre i386 4.5-2 core
>> 59 k
>> perl i386 3:5.8.3-18 core
>> 11 M
>> perl-Filter i386 1.30-5 core
>> 68 k
>> popt i386 1.9.1-0.4.1 updates-released
>> 61 k
>> procps i386 3.2.0-1.2 updates-released
>> 176 k
>> psmisc i386 21.4-2 core
>> 41 k
>> redhat-rpm-config noarch 8.0.28-1.1.1 core
>> 41 k
>> rpm i386 4.3.1-0.4.1 updates-released
>> 2.2 M
>> rpm-build i386 4.3.1-0.4.1 updates-released
>> 437 k
>> sed i386 4.0.8-4 core
>> 116 k
>> setup noarch 2.5.33-1 core
>> 29 k
>> shadow-utils i386 2:4.0.3-55 updates-released
>> 671 k
>> sysklogd i386 1.4.1-16 core
>> 65 k
>> tar i386 1.13.25-14 core
>> 351 k
>> termcap noarch 11.0.1-18.1 core
>> 237 k
>> tzdata noarch 2005f-1.fc2 updates-released
>> 449 k
>> unzip i386 5.50-37 core
>> 139 k
>> util-linux i386 2.12-19 updates-released
>> 1.5 M
>> which i386 2.16-2 core
>> 21 k
>> words noarch 2-22 core
>> 137 k
>> zlib i386 1.2.1.2-0.fc2 updates-released
>> 44 k
>>
>> After installing all of these packages successfully, the next thing that
>> happens is:
>>
>> Executing /usr/sbin/mock-helper
>> chroot /var/lib/mock/fedora-2-i386-core/root /bin/su - root -c
>> "/usr/sbin/useradd -m -u 500 -d /builddir mockbuild"
>>
>> and at that point the "useradd" process just hangs indefinitely. I'm
>> told that if SELinux is disabled (I've tried permissive mode and that
>> doesn't help), this works. I can't see any AVCs in the logs.
>>
>> Any ideas what might be causing this and how it might be fixed?
> In fc2 you should disable SELinux.
I'm running this on FC5; what I'm trying to do is set up a chroot with
FC2 packages. This includes the FC2 version of useradd, and it's this
that's hanging when run in the chroot.
I'd happily give things in the chroot the impression that SELinux is
disabled (I believe mock actually does this already) but I *really*
don't want to disable SELinux on my FC5 host.
Paul.
More information about the fedora-selinux-list
mailing list