Livecd-creator is disabling selinux
Richard W.M. Jones
rjones at redhat.com
Mon Jan 13 16:49:26 UTC 2014
On Mon, Jan 13, 2014 at 10:20:22AM -0500, Daniel J Walsh wrote:
> Secondly we prevent even unconfined_t from putting down labels on
> the file system that the kernel does not understand. IE If I am
> building a F21 image on a RHEL6 box, it would blow up in enforcing
> mode if run as unconfined_t. We added a special policy called
> livecd_t that is allowed to put down labels which the kernel does
> not understand, and unconfined_t will transition to this domain.
Slightly off-topic, but this (in-)ability to label files with labels
which the kernel doesn't know about affects libguestfs negatively too.
Is there some reason why it's bad?
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
More information about the devel
mailing list