Hi, Dan Walsh and I have been working on confining mock builds with SELinux. As part of this process, we need mock to think selinux is turned off within the chroot. This patch accomplishes this by remounting /proc/filesystems within the chroot so that SELinux appears to be off. We also pass RPM the NOCONTEXTS flag so that it won't put down labels. Thanks, -Thomas
Umm, what patch?
Created attachment 431803 [details] patch to mock
Sorry, think I forgot to attach the patch the first time.
I applied your patch but yum failed due to this block of code: @@ -623,7 +635,7 @@ class Root(object): def _yum(self, cmd, returnOutput=0): """use yum to install packages/package groups into the chroot""" # mock-helper yum --installroot=rootdir cmd - cmdOpts = "" + cmdOpts = "--setopt=tsflags=nocontexts" if not self.online: cmdOpts = "-C" As far as I know, yum does not have a --setopt option.
Thomas, What version of python were you testing with? I think this all works in F14
I have been using yum-3.2.27-16.fc14.noarch, which does have this setopt option.
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle. Changing version to '14'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
mock-1.1.3-1.fc14 has been submitted as an update for Fedora 14. http://admin.fedoraproject.org/updates/mock-1.1.3-1.fc14
mock-1.1.3-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/mock-1.1.3-1.fc13
mock-1.0.10-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/mock-1.0.10-1.el5
mock-1.0.10-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/mock-1.0.10-1.fc12
mock-1.0.10-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mock'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/mock-1.0.10-1.el5
mock-1.1.3-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mock'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/mock-1.1.3-1.fc14
mock-1.1.3-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mock'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/mock-1.1.3-1.fc13
mock-1.0.10-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mock'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/mock-1.0.10-1.fc12
Created attachment 437374 [details] mock errors I'm not sure if this is the right place for the bug, but I'm seeing some strange warnings upon finishing a mock job when --resultdir is involved. Adding "config_opts['plugin_conf']['selinux_enable'] = False" to site-defaults.cfg remedies it. Packages still build, though. I have attached the console output. This is with mock-1.1.3-1.fc13.noarch.
mock-1.1.3-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
Julian, Argggh, I missed the calls to 'chattr' in utils.rmtree(). I'll have to figure out a way to tell that routine whether to do chattr's, so the next update might take a little bit...
mock-1.1.4-1.fc14 has been submitted as an update for Fedora 14. http://admin.fedoraproject.org/updates/mock-1.1.4-1.fc14
mock-1.1.4-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/mock-1.1.4-1.fc13
mock-1.0.11-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/mock-1.0.11-1.fc12
mock-1.0.11-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/mock-1.0.11-1.el5
mock-1.0.11-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mock'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/mock-1.0.11-1.el5
I guess this bug supersedes Bug #573111 ?
No, that one is telling yum/rpm not to lay down labels. That operation is not affected by the selinux plugin since that "turns off" selinux when running inside the chroot and all yum/rpm operations happen outside the chroot (they just operation *on* the chroot files).
mock-1.1.4-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.4-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.0.11-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.0.12-1.fc12 has been submitted as an update for Fedora 12. https://admin.fedoraproject.org/updates/mock-1.0.12-1.fc12
mock-1.0.12-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.12-1.el5
mock-1.0.13-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.13-1.el5
mock-1.0.13-1.fc12 has been submitted as an update for Fedora 12. https://admin.fedoraproject.org/updates/mock-1.0.13-1.fc12
mock-1.0.14-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.14-1.el5
mock-1.0.15-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.15-1.el5
mock-1.1.9-1.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/mock-1.1.9-1.fc13
mock-1.0.16-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.16-1.el5
mock-1.1.9-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mock-1.1.9-1.el6
mock-1.1.9-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/mock-1.1.9-1.fc14
mock-1.1.9-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.9-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.10-1.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/mock-1.1.10-1.fc15
mock-1.1.10-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/mock-1.1.10-1.fc14
mock-1.0.17-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/mock-1.0.17-1.el5
mock-1.1.10-1.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/mock-1.1.10-1.fc13
mock-1.1.10-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mock-1.1.10-1.el6
mock-1.1.10-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.10-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.10-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.0.17-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
mock-1.1.10-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.