Re: SELinux for mock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/02/2011 03:12 AM, Piscium wrote:
On 1 May 2011 19:29, Piscium <groknok@xxxxxxxxx> wrote:

My question is if the policy files of the wiki page are current? They
are three years old, which is a long time in dog years or Fedora
years!

I wonder if anybody could tell me where to get updated policy files as
I am not proficient on SELinux? Or maybe can I just ignore the error
and use what I got as a .pp file was created?

(I am using this after installing mock so if there was no error the
next step per the wiki would be:
restorecon -R /var/lib/mock /usr/bin/mock

I have not done the above yet.)

An update: I ran restorecon, rebuilt glibc, and still got the same
alert from SELinux:
"SELinux is preventing
/builddir/build/BUILD/glibc-2.13/build-i686-linuxnptl/elf/ld.so from
using the execstack access on a process."

Despite the alert, the eight binary packages were built as expected,
and there were no error messages at the end of the build log. There
were some earlier about broken pipes and so on.

Most of the error messages I looked at happened while tests were being
performing as part of the build process, and this probably explains
why there was no error at the end, i. e., failures during tests were
not deemed serious enough to warrant scuppering the whole build.

Is one of the libraries marked with the execstack flag?

man execstack

You might want to see if you clear the execstack flag if everything works.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk2+wM0ACgkQrlYvE4MpobOx5ACfWAskwNkUY+3o7mGaT2lTHbpO
OscAn3J/7IMd450iaRh6M+a3Z5C969Fn
=LjPe
-----END PGP SIGNATURE-----
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Relevant Pages

  • Re: R: Re: R: Re: Samba misconfiguration
    ... that on a different box in my home selinux is enforced too, ... working fine sharing folders, even if I didn't do my homework (i.e. no ... not a problem at home as I am working with Fedora ... Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ ...
    (Fedora)
  • Re: SELinux Understanding
    ... then re-enable SELinux in enforcing mode (as it was ... I don't recall having a relabel forced. ... Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org ...
    (Fedora)
  • Re: [F12] running psad wiht selinux on
    ... ausearch -m avc -ts recent ... Should show you selinux errors. ... Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ ...
    (Fedora)
  • Re: New install, need good policy and advice
    ... redhat stopped with kernel headers and the driver would not build. ... this time with Fedora 12 by using kmod-nvidia and yum but it took me all ... disk that was there before so it would not conflict with the new install ... I now have selinux on the system ...
    (alt.os.linux)
  • Re: Request Regarding the "Remove SELinux" Thread
    ... politely explain SELinux to you, both how and why, for several days. ... Or not using Fedora. ... special 'Mike' DVD to install without SELinux. ... Those that hail back to the Bob Young days, ...
    (Fedora)