RFC: new mock: strategy, selinux, etc.

[Paul Howarth]

On Thu, 2007-01-04 at 10:37 -0600, Clark Williams wrote:
> What I'm looking for from the readership of this list is:
> 
> 1. Review of strategy and code for security issues
> 2. Help in formulating an SELinux plan/policy for mock
> 
> We had some discussion on this issue back in June 2006, but I'd like to
> look at it one more time before inflicting the new mock on the rawhide
> faithful.
> 
> With regard to SELinux, I'm not sure where we need to go with mock. I
> want mock to function properly and securely on a system running SELinux,
> but I'm just not sure how to go about that. I've looked at the steps
> mentioned on:
> 
> 	http://fedoraproject.org/wiki/Extras/MockTricks
> 
> But I'm too SELinux ignorant to be able to make an informed judgment on
> whether that's the right thing to do. Help on this would be greatly
> appreciated.

The SELinux policy on the wiki does two main things:

1. Label everything under /var/lib/mock with a special SELinux context
type that all processes running under mock can do as they like with.

2. Run the mock process with the ability to execute code from writable
memory. This is necessary in order to support technologies such as java
and mono, which are sometimes used during package builds.

So basically it's the minimum necessary to get mock usable under the
targeted policy. Neither of these things should be affected by the
internal restructuring of mock itself.

If the new mock will run OK on FC6, I can test it quite easily as both
of my buildsystem machines are running FC6 with SELinux on.

Paul.