Le Sat, 18 May 2013 16:07:41 +0200,
Holger Levsen hol...@layer-acht.org a écrit :
tags 682068 + moreinfo
thanks
Hi Laurent,
Hello,
piuparts is only trying to mount selinux mountpoints if
/usr/sbin/selinuxenabled ran successfully.
I have two problems now:
- /usr/sbin/selinuxenabled doesn't even exist on my wheezy system
This executable is in selinux-utils package.
- isn't there some selinux tool to tell me the expected mountpoint? I
don't want to mess around with versions in piuparts.py source code
(be it wheezy, squeeze, 2.0.96-1 or 2.1.9-5) to decide whether to
mount /selinux or /sys/fs/selinux ?!!
sestatus is giving you this information, but I'm not sure this is
really clean to grep that output (the format is probably not
guaranteed).
I've seen libraries parsing /proc/mounts directly to look for the
selinuxfs mountpoint.
I would suggest you to only test if this filesystem is mounted and not
use the selinuxenabled command to see if selinux is enabled. It might
be possible that this package is not installed on the system even if
selinux is enabled (that's probably not the case on standard setup, but
it might happen).
Cheers
Laurent Bigonville
See below for actual related code. That's it, plus calls to them.
cheers,
Holger
def selinux_enabled(enabled_test=/usr/sbin/selinuxenabled):
if os.access(enabled_test, os.X_OK):
retval, output = run([enabled_test], ignore_errors=True)
if retval == 0:
return True
else:
return False
def mount_selinux(self):
if selinux_enabled():
run([mkdir, -p, self.relative(/selinux)])
run([mount, -t, selinuxfs, /selinux,
self.relative(/selinux)])
logging.info(SElinux mounted into chroot)
def unmount_selinux(self):
if selinux_enabled():
run([umount, self.relative(/selinux)])
logging.info(SElinux unmounted from chroot)
___
SELinux-devel mailing list
SELinux-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
