| Summary: | Aberrant privileges handle of mock | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Christopher Meng <i> |
| Component: | mock | Assignee: | Clark Williams <williams> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | dominick.grift, dwalsh, lvrabec, martin_, mebrown, mgrepl, williams |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-02-02 13:29:44 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
Fixed in recent libselinux update. Closed. Not sure how libselinux fixed it but if it works for you fine. In which update is it fixed? The problem still exists on my system:
$ id -Z
staff_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ /usr/bin/mock init
/usr/bin/mock init
INFO: mock.py version 1.1.35 starting...
Start: init plugins
INFO: selinux enabled
Finish: init plugins
Start: run
Start: lock buildroot
Start: clean chroot
INFO: chroot (/var/lib/mock/fedora-20-x86_64) unlocked and deleted
Finish: clean chroot
Finish: lock buildroot
Start: chroot init
Start: lock buildroot
Mock Version: 1.1.35
INFO: Mock Version: 1.1.35
INFO: calling preinit hooks
INFO: enabled root cache
INFO: enabled yum cache
Start: cleaning yum metadata
Finish: cleaning yum metadata
INFO: enabled ccache
Start: device setup
Finish: device setup
Start: yum update
Start: Outputting list of available packages
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/proc/filesystems' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/tmp/ccache' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/var/cache/yum' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/dev/pts' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/dev/shm' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/sys' from chroot.
WARNING: Forcibly unmounting '/var/lib/mock/fedora-20-x86_64/root/proc' from chroot.
ERROR: Command failed. See logs for output.
# /usr/bin/repoquery -c /var/lib/mock/fedora-20-x86_64/root//etc/yum.conf -a --qf '%{nevra} %{buildtime} %{size} %{pkgid} %{repoid}' > /var/lib/mock/fedora-20-x86_64/result/available_pkgs
WARNING: unable to delete selinux filesystems (/tmp/mock-selinux-plugin.90RUSa): [Errno 1] Operation not permitted: '/tmp/mock-selinux-plugin.90RUSa'
# ls -laZ /tmp/ | grep mock
-r--r--r--. root root staff_u:object_r:user_tmp_t:s0 mock-selinux-plugin.7TJNMi
-r--r--r--. root root staff_u:object_r:user_tmp_t:s0 mock-selinux-plugin.LJ9BY
libselinux-2.2.1-5.fc21 or libselinux-2.2.1-6.fc21. I'm running rawhide. I've libselinux-2.2.1-6.fc20.x86_64 installed (from updates) The strange thing is, the error exists although setenforce 0 is used. Still happens? Hi Christopher, in the meantime I've reinstalled Fedora and now I can't reproduce this Error. Good to hear that. |
After recent's selinux update I can't review any packages now. :( Then I found something bad: [rpmaker@fab ~]$ id -u ; echo "--------------" ; mock --init ; mock --init --resultdir=~/mock/ 1000 -------------- INFO: mock.py version 1.1.35 starting... Start: init plugins INFO: selinux enabled Finish: init plugins Start: run Start: lock buildroot Start: clean chroot INFO: chroot (/var/lib/mock/fedora-rawhide-i386) unlocked and deleted Finish: clean chroot Finish: lock buildroot Start: chroot init ERROR: Could not create dir /var/lib/mock/fedora-rawhide-i386/result. Error: [Errno 13] Permission denied: '/var/lib/mock/fedora-rawhide-i386/result' Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/mockbuild/util.py", line 69, in mkdirIfAbsent os.makedirs(dirName) File "/usr/lib/python2.7/os.py", line 157, in makedirs mkdir(name, mode) OSError: [Errno 13] Permission denied: '/var/lib/mock/fedora-rawhide-i386/result' ERROR: Could not create output directory for built rpms. The directory specified was: /var/lib/mock/fedora-rawhide-i386/result Try using the --resultdir= option to select another location. Recommended location is --resultdir=~/mock/. WARNING: unable to delete selinux filesystems (/tmp/mock-selinux-plugin.mT_9UQ): [Errno 1] Operation not permitted: '/tmp/mock-selinux-plugin.mT_9UQ' INFO: mock.py version 1.1.35 starting... Start: init plugins INFO: selinux enabled Finish: init plugins Start: run Start: lock buildroot Start: clean chroot INFO: chroot (/var/lib/mock/fedora-rawhide-i386) unlocked and deleted Finish: clean chroot Finish: lock buildroot Start: chroot init ERROR: Could not create dir /root/mock/. Error: [Errno 13] Permission denied: '/root/mock/' Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/mockbuild/util.py", line 69, in mkdirIfAbsent os.makedirs(dirName) File "/usr/lib/python2.7/os.py", line 157, in makedirs mkdir(name, mode) OSError: [Errno 13] Permission denied: '/root/mock/' ERROR: Could not create output directory for built rpms. The directory specified was: /root/mock/ Try using the --resultdir= option to select another location. Recommended location is --resultdir=~/mock/. WARNING: unable to delete selinux filesystems (/tmp/mock-selinux-plugin.MmtnEW): [Errno 1] Operation not permitted: '/tmp/mock-selinux-plugin.MmtnEW' ------------------ I'm a normal user but not super user, unfortunately ~/mock pointed to /root/mock/ is absolutely wrong. Since recent updates are only received from selinux, but not mock, I determined to report this here. I doubt if selinux doesn't know how to handle files under /var/lib...