Daniel J Walsh ([EMAIL PROTECTED]) said: > Well I think we need to do a couple of these to figure out the common > requirements. > > I envision mock to be quite different then livecd. I think we need to > full the mock chroot to think SELinux is disabled and to do no labeling > in the chroot. This would allow us to confine the mock process to be > able to write to the chroot and label the chroot mock_rw_t. We could > then use SELinux to prevent mock environments from breaking out of the > chroot, and stop mock environments from doing evil network things within > the chroot. > > In livecd we need to be able to put down labels that the host machine > does not understand.
The problem is that mock can be used to do non-build things. (For example, creating the anaconda install images.) Bill -- Fedora-livecd-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-livecd-list
