Fedora buildsys and SELinux
Paul Howarth
paul at city-fan.org
Tue May 13 22:50:11 UTC 2008
On Tue, 13 May 2008 12:29:30 -0500
Dennis Gilmore <dennis at ausil.us> wrote:
> On Tuesday 13 May 2008, Daniel J Walsh wrote:
> >
> > I don't have a problem with calling restorecon on every single file,
> > since this is a limited number of files. The goal is to allow the
> > chroot to run without mucking around with the host security. So I
> > don't have to run permissive or disabled if I use mock/livecd. If
> > mock/livecd have to relabel when they complete that is fine.
>
>
> I would really like to enable selinux on the actual builders. Right
> now it has to be disabled. If not alot of things build ok but
> certain packages will switch to enforcing inside the chroot when the
> host is in permissive mode. and it causes all sorts of fun and failed
> builds.
Which packages do this?
I run my own mock builders with selinux enforcing on F8 and haven't
come across anything like that, though obviously the Fedora builders
are exposed to a much wider variety of packages than my small
collection.
Paul.
More information about the selinux
mailing list