Fedora buildsys and SELinux

Paul Howarth paul at city-fan.org
Tue May 13 22:50:11 UTC 2008

On Tue, 13 May 2008 12:29:30 -0500
Dennis Gilmore <dennis at ausil.us> wrote:

> On Tuesday 13 May 2008, Daniel J Walsh wrote:
> >
> > I don't have a problem with calling restorecon on every single file,
> > since this is a limited number of files.  The goal is to allow the
> > chroot to run without mucking around with the host security.  So I
> > don't have to run permissive or disabled if I use mock/livecd.  If
> > mock/livecd have to relabel when they complete that is fine.
> I would really like to enable selinux on the actual builders.  Right
> now it has to be disabled. If not alot of things build ok  but
> certain packages will switch to enforcing inside the chroot when the
> host is in permissive mode. and it causes all sorts of fun and failed
> builds.

Which packages do this?

I run my own mock builders with selinux enforcing on F8 and haven't
come across anything like that, though obviously the Fedora builders
are exposed to a much wider variety of packages than my small


More information about the fedora-selinux-list mailing list