On Sun, 2005-01-09 at 21:01 -0800, Bob Kashani wrote:
On Sun, 2005-01-09 at 23:20 -0500, Colin Walters wrote:
> On Sun, 2005-01-09 at 19:51 -0800, Bob Kashani wrote:
>
> > I'm actually playing around with UML as well. :) The only issue with
> > virtualization is that you end up taking a performance hit but on the
> > other hand it does make life easier.
>
> Right. By the way, I think Xen is in rawhide now, so that could be
> worth checking out.
Cool, I'll check it out. Thanks!!! :)
> > I'll try your patches. But I did figure out a simple workaround. (not
> > mounting /selinux in the chroot). It seems that if you don't
> > mount /selinux in the chroot then load_policy doesn't try to install the
> > policy in the chroot into the running kernel. I have no idea why that is
> > the case.
>
> Well, loading the policy will fail since load_policy just writes data
> to /selinux/load. I'm surprised that doesn't turn into a postinst
> error.
I just checked the selinux-policy-targeted.spec and in the %post section
at the very end there is an 'exit 0'.
Just to clarify: I meant that as an observation and not as something
that would cause it to fail.
BTW: I have a selinux dir in my chroot but there is nothing in it. Where
do the files in /selinux come from?
Bob
--
Bob Kashani
http://www.ocf.berkeley.edu/~bobk/garnome