On Sun, Sep 26, 2010 at 13:11:26 -0500,
Bruno Wolff III <[email protected]> wrote:
> On Sun, Sep 26, 2010 at 19:53:50 +0200,
> Johan Vromans <[email protected]> wrote:
> > Bruno Wolff III <[email protected]> writes:
> >
> > > Are you running into this issue on F14?
> >
> > F13, but with the F14 version of livecd-tools.
>
> Commit 158f7c6a327e2e8de1f3dd55c9125858c10582f7 is supposed to allow this.
> (http://git.fedorahosted.org/git/?p=livecd;a=commitdiff;h=158f7c6a327e2e8de1f3dd55c9125858c10582f7;hp=d17704983b857889612a6963b6bd7ef456d12e2e)
>
> Maybe something in setfiles also changed. I didn't see any applicable note
> in the rpm changelog for policycoreutils though.
>
> It could be a bug. I think there needs to be a -c before the policy file.
>
> Dan, does that commit look correct to you?
It looks like that parameter is the spec file, not a policy. So -c isn't
needed. But the man page suggests that the specfile needs to come after
options. I don't know if putting it in early will break things or not.
I don't have any systems running in disabled mode and switching out for
testing isn't real convenient as that triggers a relabel.
You might try editing /usr/lib/python2.6/site-packages/imgcreate/kickstart.py
and change:
self.call(["/sbin/setfiles",
"/etc/selinux/targeted/contexts/files/file_contexts", "-e", "/proc", "-e",
"/sys", "-e", "/dev", "-e", "/selinux", "/"])
To:
self.call(["/sbin/setfiles", "-e", "/proc", "-e", "/sys", "-e", "/dev",
"-e", "/selinux", "/etc/selinux/targeted/contexts/files/file_contexts", "/"])
and see if that affects things.
--
livecd mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/livecd
