avc while running appliance-creator

Matthew Miller mattdm at fedoraproject.org
Fri Nov 9 14:46:47 UTC 2012 

On Fri, Nov 09, 2012 at 04:23:14AM -0500, Miroslav Grepl wrote:
> Matthew,
> I am interested in how chroot subdirs look?
> # ls -lZ PATH_TO_CHROOT/


Sure.

$ sudo ls -lZ imgcreate-V5g52_/install_root
lrwxrwxrwx. root root system_u:object_r:bin_t:s0       bin -> usr/bin
dr-xr-xr-x. root root system_u:object_r:boot_t:s0      boot
drwxr-xr-x. root root system_u:object_r:device_t:s0    dev
drwxr-xr-x. root root system_u:object_r:etc_t:s0       etc
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 home
lrwxrwxrwx. root root system_u:object_r:lib_t:s0       lib -> usr/lib
lrwxrwxrwx. root root system_u:object_r:lib_t:s0       lib64 -> usr/lib64
drwx------. root root system_u:object_r:lost_found_t:s0 lost+found
drwxr-xr-x. root root system_u:object_r:mnt_t:s0       media
drwxr-xr-x. root root system_u:object_r:mnt_t:s0       mnt
drwxr-xr-x. root root system_u:object_r:usr_t:s0       opt
dr-xr-xr-x. root root system_u:object_r:proc_t:s0      proc
dr-xr-x---. root root system_u:object_r:admin_home_t:s0 root
drwxr-xr-x. root root system_u:object_r:var_run_t:s0   run
lrwxrwxrwx. root root system_u:object_r:bin_t:s0       sbin -> usr/sbin
drwxr-xr-x. root root system_u:object_r:var_t:s0       srv
drwxr-xr-x. root root system_u:object_r:sysfs_t:s0     sys
drwxrwxrwt. root root system_u:object_r:tmp_t:s0       tmp
drwxr-xr-x. root root system_u:object_r:usr_t:s0       usr
drwxr-xr-x. root root system_u:object_r:var_t:s0       var


And 

$ sudo ls -lZ imgcreate-V5g52_/install_root/var
drwxr-xr-x. root root system_u:object_r:var_t:s0       adm
drwxr-xr-x. root root system_u:object_r:var_t:s0       cache
drwxr-xr-x. root root system_u:object_r:var_t:s0       db
drwxr-xr-x. root root system_u:object_r:var_t:s0       empty
drwxr-xr-x. root root system_u:object_r:games_data_t:s0 games
drwxr-xr-x. root root system_u:object_r:var_t:s0       gopher
drwxr-xr-x. root root system_u:object_r:var_lib_t:s0   lib
drwxr-xr-x. root root system_u:object_r:var_t:s0       local
lrwxrwxrwx. root root unconfined_u:object_r:var_t:s0   lock -> ../run/lock
drwxr-xr-x. root root system_u:object_r:var_log_t:s0   log
lrwxrwxrwx. root root system_u:object_r:mail_spool_t:s0 mail -> spool/mail
drwxr-xr-x. root root system_u:object_r:var_t:s0       nis
drwxr-xr-x. root root system_u:object_r:var_t:s0       opt
drwxr-xr-x. root root system_u:object_r:var_t:s0       preserve
lrwxrwxrwx. root root unconfined_u:object_r:var_run_t:s0 run -> ../run
drwxr-xr-x. root root system_u:object_r:var_spool_t:s0 spool
drwxrwxrwt. root root system_u:object_r:tmp_t:s0       tmp
drwxr-xr-x. root root system_u:object_r:var_yp_t:s0    yp


-- 
Matthew Miller  ☁☁☁  Fedora Cloud Architect  ☁☁☁  <mattdm at fedoraproject.org>

More information about the selinux mailing list