Matthew Miller mattdm@fedoraproject.org writes:
On Thu, Nov 21, 2013 at 01:30:15PM +0100, Vitaly Kuznetsov wrote:
I ran basic tests agains them and they're ok. The only issue I still see is wrong SELinux context for several files:
# restorecon -Rvn -e/dev -e/proc -e/sys -e/run -e/tmp/ / restorecon reset /var/cache/yum context system_u:object_r:file_t:s0->system_u:object_r:rpm_var_cache_t:s0 restorecon reset /var/log/boot.log context system_u:object_r:var_log_t:s0->system_u:object_r:plymouthd_var_log_t:s0 restorecon reset /boot/extlinux/ldlinux.sys context system_u:object_r:file_t:s0->system_u:object_r:boot_t:s0
That's weird. We're running fixfiles at the end of the build process to clean up anything like that.
I looked into kickstart, you do '/usr/sbin/fixfiles -R -a restore'. I tried running it manually on fresh instance:
# /usr/sbin/fixfiles -R -a restore 75k/sbin/restorecon set context /boot/extlinux/ldlinux.sys->system_u:object_r:boot_t:s0 failed:'Operation not permitted' 80k/sbin/restorecon set context /boot/extlinux/ldlinux.sys->system_u:object_r:boot_t:s0 failed:'Operation not permitted' 177k/sbin/restorecon set context /boot/extlinux/ldlinux.sys->system_u:object_r:boot_t:s0 failed:'Operation not permitted'
However /boot/extlinux/ldlinux.sys is the only file needs fixind after this:
# restorecon -Rvn -e/dev -e/proc -e/sys -e/run -e/tmp/ / restorecon reset /boot/extlinux/ldlinux.sys context system_u:object_r:file_t:s0->system_u:object_r:boot_t:s0
Anyway, https://bugzilla.redhat.com/show_bug.cgi?id=1033274 as suggested by dwalsh)