Fedora 17 in a CHROOT on Ubuntu - and the wrong dependency on rpmlib(X-CheckUnifiedSystemdir)

Suvayu Ali fatkasuvayu+linux at gmail.com
Mon Sep 17 22:43:26 UTC 2012 

On Sun, Sep 16, 2012 at 08:20:13PM -0400, Bill Davidsen wrote:
> Suvayu Ali wrote:
> >
> >I have a similar build system for SLC 5.7.  Our software can also be
> >deployed in a VM; I have tried that but found the overhead of using a VM
> >(build times, test job run times and the fact that you have to have a
> >working virtualisation setup) rather large.  Instead now I (and many of
> >my colleagues) use a few scripts to maintain the chroot system for our
> >software.  This also seems easier to implement across multiple linux
> >distros without much fiddling (it's after all a few scripts that uses
> >chroot to setup the environment).  To give you an idea about the "easy
> >on various" distros bit, we have tried this on Arch, Ubuntu, Fedora and
> >Debian.  Getting it to work on Fedora required some extra effort to get
> >the SELinux labels for the chroot'ed directory hierarchy correct.
> >
> Your last sentence sums up some of the issues I hit with chroot, but I'm
> glad it works well enough for your needs. 

Well the "extra effort" was because I was not familiar with SELinux and
had to figure out how it works and how I can customise.  My solution in
the end was a rather simplistic "copy to contexts to the relative chroot
path".  A sequence of commands like these did the trick:

  # fcontext --add --equal /bin "${CHROOTDIR}/bin}"

> 
> Whatever works for you, either way will work, but I don't want to ever find
> out that an update to SElinux changed behavior, or glibc was patched to a
> "more correct" but non-working state. The right solution is the one which
> uses the least of your time in this case.

Well I hope SELinux does not fiddle with custom settings, no application
should and I don't think SELinux does either.  From what I understood
during my investigations, SELinux makes it very clear as to what is from
Fedora and what is user set and leaves the user set contexts alone.

I agree with you, "what ever works best for you" is the best way to go
when comes to any software.

Cheers,

-- 
Suvayu

Open source is the future. It sets us free.

More information about the users mailing list