Red Hat Bugzilla – Bug 395981
SELinux is preventing /sbin/ldconfig (ldconfig_t) "write" to /dev/null (var_lib_t). durring mock build
Last modified: 2013-01-09 20:43:59 EST
setroublshoot reports an error preventing ldconfig from writing to /dev/null
durring a mock build
Ataching the setroubleshoot output.
Created attachment 267171 [details]
doesnt prevent mock builds, simply produces annoying log messages.
Should be filed against selinux-policy.
This is caused by a mislabling of the mock build direcrtory /dev/null should be
labeled null_device_t not dev_log_t. I think the true solution to get mock to
run in a context that does not transion to confined domains, so these avc's dont
Thanks for the help. I have fixed this in mock by doing a "chcon
This fixes this issue for all of the /dev/ entries in mock. There are still a
couple other denials that dont have file details:
SELinux is preventing /sbin/depmod (depmod_t) "search" to (var_lib_t).
SELinux is preventing useradd (useradd_t) "read write" to (var_log_t).
SELinux is preventing tzdata-update (tzdata_t) "search" to (var_lib_t).
I'm not sure how to fix these because it does not list the path it is trying to
Can you explain more about "get mock to run in a context that does not transion
to confined domains"? I dont follow this.
This specific bug I am going to mark as FIXED - NEXTRELEASE. I dont intend to
make another release for a few weeks, at least. If you would like to check out
the fixed version, please look in the git repository for mock.