[PATCH] Don't add --setopt=tsflags=nocontexts to all commands

Paul Howarth paul at city-fan.org
Fri Dec 3 16:07:26 UTC 2010 

The SELinux plugin adds a hook that adds a "--setopt=tsflags=nocontexts" 
option to every command routed through mock.util.do. This doesn't just 
include "yum" commands, as can be seen for instance if a build fails in 
the "setup" phase, where mock tries to unmount all mounted filesystems 
with a umount command with the bogus option added to each invocation.

You can see this for yourself if you try building a package that pulls 
in a build requirement that uses file capabilities and have the tmpfs 
plugin enabled; rpm/cpio cannot apply the capability on tmpfs and so the 
build bails out. I use "spamass-milter" in Rawhide as a nice, small 
package that demonstrates this effect.

WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/dev/shm 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/dev/pts 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n 
/var/lib/mock/city-fan-rawhide-x86_64/root/proc/filesystems 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/tmp/ccache 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/var/cache/yum 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/sys 
--setopt=tsflags=nocontexts
WARNING: Command failed. See logs for output.
  # umount -n /var/lib/mock/city-fan-rawhide-x86_64/root/proc 
--setopt=tsflags=nocontexts
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/dev/shm' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/dev/pts' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/proc/filesystems' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/tmp/ccache' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/var/cache/yum' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/sys' from chroot.
WARNING: Forcibly unmounting 
'/var/lib/mock/city-fan-rawhide-x86_64/root/proc' from chroot.

The attached patch makes the plugin only apply the extra option when the 
command being run is yum. Works for me, though is uses "startswith" and 
so won't work on python 2.4. I'm sure a native python speaker could 
write it in a more portable way.

Paul.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Don-t-add-setopt-tsflags-nocontexts-to-all-commands.patch
Type: text/x-patch
Size: 1134 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/buildsys/attachments/20101203/25f06b53/attachment.bin

More information about the buildsys mailing list