Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora Development (http://www.linux-archive.org/fedora-development/)
-   -   SELinux & Koji question (http://www.linux-archive.org/fedora-development/707269-selinux-koji-question.html)

"Richard W.M. Jones" 09-25-2012 04:31 PM
SELinux & Koji question
 
On Tue, Sep 25, 2012 at 05:29:39PM +0100, Richard W.M. Jones wrote:
>
> This command fails:
>
> + chcon system_u:object_r:tmp_t:s0 tmp
> chcon: failed to change context of 'tmp' to 'system_u:object_r:tmp_t:s0': Operation not permitted

I should add that 'tmp' is the name of a directory under the
build dir.

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

Kevin Fenzi 09-25-2012 04:35 PM
SELinux & Koji question
 
On Tue, 25 Sep 2012 17:29:39 +0100
"Richard W.M. Jones" <rjones@redhat.com> wrote:

>
> This command fails:
>
> + chcon system_u:object_r:tmp_t:s0 tmp
> chcon: failed to change context of 'tmp' to
> 'system_u:object_r:tmp_t:s0': Operation not permitted
>
> when run on Koji. However it works fine when run on a Fedora 18
> machine, with SELinux enforcing.
>
> Does Koji have SELinux enforcing? Why is labelling not allowed when
> it works on a local machine?

No, builders have selinux disabled, as running in permissive mode a
while back caused odd build failures. ;(

It may be that it works fine now, but we would need to test that and
confirm before changing anything.

kevin
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel

"Richard W.M. Jones" 09-25-2012 04:38 PM
SELinux & Koji question
 
On Tue, Sep 25, 2012 at 10:35:43AM -0600, Kevin Fenzi wrote:
> On Tue, 25 Sep 2012 17:29:39 +0100
> "Richard W.M. Jones" <rjones@redhat.com> wrote:
>
> >
> > This command fails:
> >
> > + chcon system_u:object_r:tmp_t:s0 tmp
> > chcon: failed to change context of 'tmp' to
> > 'system_u:object_r:tmp_t:s0': Operation not permitted
> >
> > when run on Koji. However it works fine when run on a Fedora 18
> > machine, with SELinux enforcing.
> >
> > Does Koji have SELinux enforcing? Why is labelling not allowed when
> > it works on a local machine?
>
> No, builders have selinux disabled, as running in permissive mode a
> while back caused odd build failures. ;(
>
> It may be that it works fine now, but we would need to test that and
> confirm before changing anything.

Ah, I guess that explains it!

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel


All times are GMT. The time now is 12:07 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.