The SELinux plugin adds a hook that adds a "--setopt=tsflags=nocontexts"
option to every command routed through mock.util.do. This doesn't just
include "yum" commands, as can be seen for instance if a build fails in
the "setup" phase, where mock tries to unmount all mounted filesystems
with a umount command with the bogus option added to each invocation.
You can see this for yourself if you try building a package that pulls
in a build requirement that uses file capabilities and have the tmpfs
plugin enabled; rpm/cpio cannot apply the capability on tmpfs and so the
build bails out. I use "spamass-milter" in Rawhide as a nice, small
package that demonstrates this effect.
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/dev/shm
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/dev/pts
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n
/var/lib/mock/city-fan-rawhide-x86_64/root/proc/filesystems
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/tmp/ccache
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/var/cache/yum
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/sys
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
# umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/proc
--setopt=tsflags=nocontexts
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/dev/shm' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/dev/pts' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/proc/filesystems' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/tmp/ccache' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/var/cache/yum' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/sys' from chroot.
WARNING: Forcibly unmounting
'/var/lib/mock/city-fan-rawhide-x86_64/root/proc' from chroot.
The attached patch makes the plugin only apply the extra option when the
command being run is yum. Works for me, though is uses "startswith" and
so won't work on python 2.4. I'm sure a native python speaker could
write it in a more portable way.
Paul.
Show replies by thread