[Libguestfs] virt-builder & virt-sysprep: Avoiding SELinux relabelling
R P Herrold
herrold at owlriver.com
Tue Jan 21 17:01:45 UTC 2014
On Tue, 21 Jan 2014, Richard W.M. Jones wrote:
> A common problem that people have with virt-builder and virt-sysprep
> is which guests that use SELinux, like Fedora and RHEL. In both cases
> we touch /.autorelabel in the guest, which means the guest has to
> reboot once during its first boot.
... snip much analysis ...
> (4) It can touch '/.autorelabel' which causes an SELinux enabled guest
> to do a full filesystem relabel at first boot (followed by a
> reboot).
The initscripts have taken to toind a reboot at the end of the
cleanup in the:
/.autorelabel
but formerly did not. It is unclear to me that this is
required
Perhaps the build process can omit step 4 and the:
touch /.autorelabel
with this additional option in that enumeration of choices
(5) it can do an additional step at very end of the post
install:
restorecon -R /
untested
-- Russ herrold
More information about the Libguestfs
mailing list