Rebooting builders back to disabled selinux
Jeremy Katz
katzj at redhat.com
Wed Nov 7 02:57:00 UTC 2007
On Tue, 2007-11-06 at 18:03 -0500, Jesse Keating wrote:
> Having the builders with selinux enabled (even in permissive) is
> causing problems with rawhide composes. Until we can research the
> problems more fully, I have decided to disable selinux on the
> builders. This will allow rawhide to be installable once more, which
> is going to be important in the next few days.
Just to give a little bit more information on what's going on --
When we build the second stage for anaconda, we're now using yum rather
than rpm2cpio (this change occurred a few months ago). This means that
rpmlib wants to set file contexts on the files as it looks like SELinux
is enabled. Unfortunately, the current rawhide policy defines a type
for some of the files which the FC6 policy doesn't know about. So
trying to set those contexts fails. Which then leads to packages
failing to install and things fall down.
The likely fix is probably going to involve using the hacky fake
libselinux from mock when building the anaconda chroot. But needs some
more investigation and poking. Now that Jesse's tracked it down to a
cause, it should be easy enough to install an FC6 box and figure
something out
Jeremy
More information about the Fedora-infrastructure-list
mailing list