Re: kickstart -- refreshing rpm's.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



By the way there was one other thing I did to make sure that selinux should
work when I made the bind mount to the changed chroot area:


Mike Cloaked wrote:
> 
> 
> 1) I wanted to have the files in the /opt partition so as not to use up
> the limited space in the root partition so I did this, but it is not
> essential.
> Changed the directory where the mock files are going to be on the /opt
> partition
> As root:
> mkdir /opt/Local/mock
> 
> 

Now make an equivalence of the security contexts for this new area to be the
same as the original by
semanage fcontext -a -e /var/lib/mock /opt/Local/mock
Then 
restorecon /opt/Local/mock should give the same contexts as /var/lib/mock
and this can be checked using 
ll -Z /opt/Local/mock 
ll -Z /var/lib/mock

Check the mock directory has the correct permissions
 ll -Zd /opt/Local/mock
drwxrwsr-x. root mock system_u:object_r:var_lib_t:s0   /opt/Local/mock
 ll -Zd /var/lib/mock
drwxrwsr-x. root mock system_u:object_r:var_lib_t:s0   /var/lib/mock

Then the recipe is as I gave in the previous post.

I ran the build with selinux enforcing and it seems to have worked just fine
- at least no AVCs popped up!


-- 
View this message in context: http://www.nabble.com/kickstart----refreshing-rpm%27s.-tp25811684p25824016.html
Sent from the Fedora List mailing list archive at Nabble.com.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux