Bug 161668 - SELinux support for mock
Summary: SELinux support for mock
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted   
(Show other bugs)
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-06-25 10:23 UTC by Ignacio Vazquez-Abrams
Modified: 2014-01-21 22:52 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-06-26 11:28:54 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Ignacio Vazquez-Abrams 2005-06-25 10:23:59 UTC
Please label /var/lib/mock and all subdirs as mock_t (or another unique label of
your choice) so that mock can be made to work in SELinux-enabled systems without
manual intervention. This change should also be done to -strict as well if
feasible. A backport to FC3 might also be useful.

Comment 1 Ignacio Vazquez-Abrams 2005-06-25 11:52:27 UTC
Further proof that one should not file bugs when half-asleep.

Also required is a domain that has full read, write, and execute access in
/var/lib/mock.

Comment 2 Daniel Walsh 2005-06-26 11:28:54 UTC
This should be running under unconfined_t and should be able to work.  You need
to get someone to write the policy for this package.  We only write policy for
packages that we ship.  If you or someone else writes the policy, I can get it
upstreamed.

Dan


Note You need to log in before you can comment on or make changes to this bug.