161668 – SELinux support for mock

Bug 161668 - SELinux support for mock

Summary: SELinux support for mock

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-targeted
Sub Component:
Version:	4
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-06-25 10:23 UTC by Ignacio Vazquez-Abrams
Modified:	2014-01-21 22:52 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-06-26 11:28:54 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ignacio Vazquez-Abrams 2005-06-25 10:23:59 UTC

Please label /var/lib/mock and all subdirs as mock_t (or another unique label of
your choice) so that mock can be made to work in SELinux-enabled systems without
manual intervention. This change should also be done to -strict as well if
feasible. A backport to FC3 might also be useful.

Comment 1 Ignacio Vazquez-Abrams 2005-06-25 11:52:27 UTC

Further proof that one should not file bugs when half-asleep.

Also required is a domain that has full read, write, and execute access in
/var/lib/mock.

Comment 2 Daniel Walsh 2005-06-26 11:28:54 UTC

This should be running under unconfined_t and should be able to work.  You need
to get someone to write the policy for this package.  We only write policy for
packages that we ship.  If you or someone else writes the policy, I can get it
upstreamed.

Dan

Note You need to log in before you can comment on or make changes to this bug.