livecd-creator and selinux, status at the end of week 1
eparis at redhat.com
Mon May 19 13:34:46 UTC 2008
On Mon, 2008-05-19 at 09:11 -0400, David Huff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Eric Paris wrote:
> | I've spent pretty much all week flailing around try to get
> | livecd-creator working with selinux enforcing with F10 as both the host
> | and the image. Next week begins the journey of working on making old
> | composes work on F10. Where do I stand? Well, it seems to work! I
> | booted an image and logged in.
> I have seen similar issues with the appliance-tools Im working on
> (thincrust.net). On thing I have noticed is that kickstart.py only
> likes crypted passwds, so make sure you use the --iscrytped option in
> the ks file.
> I have also noticed another problem, if you set selinux disabled via the
> kickstart and try to set no root passwd, by excluding a rootpw
> line in the ks, you get an error similar too:
> "only root can do that"
> I think this is due to selinux context on the host you are
> building the image on. I saw this running a F9 client on a F9 host,
> from your post on Friday, I will try generating a rwahide image on a
> rawhide host and see if I have similar results.
If you wouldn't mind opening a BZ, for now lets open it against
libselinux assign it to me and let me know all of the problems you have
run into involving passwd. I think I understand all of that cruft now.
More information about the fedora-selinux-list