FC2 useradd in chroot on FC5 host with SELinux
Paul Howarth
paul at city-fan.org
Thu Jun 29 17:25:32 UTC 2006
I use mock to build packages for old distributions in a chroot-ed
environment on my FC5 box. I've pretty well got this working for all old
distributions now apart from FC2 (see
http://www.fedoraproject.org/wiki/Legacy/Mock). On FC2, the process gets
off to quite a good start, installing the following packages into the
chroot:
=============================================================================
Package Arch Version Repository
Size
=============================================================================
Installing:
buildsys-build noarch 0.5-1.CF.fc2 groups
1.8 k
Installing for dependencies:
SysVinit i386 2.85-25 core
96 k
basesystem noarch 8.0-3 core
2.7 k
bash i386 2.05b-38 core
1.5 M
beecrypt i386 3.1.0-3 core
64 k
binutils i386 2.15.90.0.3-5 core
2.8 M
buildsys-macros noarch 2-2.fc2 groups
2.1 k
bzip2 i386 1.0.2-12.1 core
48 k
bzip2-libs i386 1.0.2-12.1 core
32 k chkconfig i386 1.3.9-1.1 core
99 k
coreutils i386 5.2.1-7 core
2.8 M
cpio i386 2.5-6 core
45 k
cpp i386 3.3.3-7 core
1.4 M
cracklib i386 2.7-27.1 core
26 k
cracklib-dicts i386 2.7-27.1 core
409 k
db4 i386 4.2.52-3.1 core
1.5 M
dev i386 3.3.13-1 core
3.6 M
diffutils i386 2.8.1-11 core
205 k
e2fsprogs i386 1.35-7.1 core
728 k
elfutils-libelf i386 0.95-2 core
36 k
ethtool i386 1.8-3.1 core
48 k
fedora-release i386 2-4 core
92 k
file i386 4.07-4 core
242 k
filesystem i386 2.2.4-1 core
18 k
findutils i386 1:4.1.7-25 core
102 k
gawk i386 3.1.3-7 core
1.5 M
gcc i386 3.3.3-7 core
3.8 M
gcc-c++ i386 3.3.3-7 core
2.0 M
gdbm i386 1.8.0-22.1 core
26 k
glib i386 1:1.2.10-12.1.1 core
134 k
glib2 i386 2.4.8-1.fc2 updates-released
477 k
glibc i686 2.3.3-27.1 updates-released
4.9 M
glibc-common i386 2.3.3-27.1 updates-released
14 M
glibc-devel i386 2.3.3-27.1 updates-released
1.9 M
glibc-headers i386 2.3.3-27.1 updates-released
530 k
glibc-kernheaders i386 2.4-8.44 core
697 k
grep i386 2.5.1-26 core
168 k
gzip i386 1.3.3-12.2.legacy updates-released
88 k
info i386 4.7-4 updates-released
147 k
initscripts i386 7.55.2-1 updates-released
906 k
iproute i386 2.4.7-14 core
591 k
iputils i386 20020927-13 core
92 k
less i386 382-3 core
85 k
libacl i386 2.2.7-5 core
15 k
libattr i386 2.4.1-4 core
8.6 k
libgcc i386 3.3.3-7 core
33 k
libselinux i386 1.11.4-1 core
45 k
libstdc++ i386 3.3.3-7 core
240 k
libstdc++-devel i386 3.3.3-7 core
1.3 M
libtermcap i386 2.0.8-38 core
12 k
make i386 1:3.80-3 core
337 k
mingetty i386 1.07-2 core
18 k
mktemp i386 2:1.5-7 core
12 k
modutils i386 2.4.26-16 core
395 k
ncurses i386 5.4-5 core
1.5 M
net-tools i386 1.60-25.1 updates-released
311 k
pam i386 0.77-40 core
1.9 M
patch i386 2.5.4-19 core
61 k
pcre i386 4.5-2 core
59 k
perl i386 3:5.8.3-18 core
11 M
perl-Filter i386 1.30-5 core
68 k
popt i386 1.9.1-0.4.1 updates-released
61 k
procps i386 3.2.0-1.2 updates-released
176 k
psmisc i386 21.4-2 core
41 k
redhat-rpm-config noarch 8.0.28-1.1.1 core
41 k
rpm i386 4.3.1-0.4.1 updates-released
2.2 M
rpm-build i386 4.3.1-0.4.1 updates-released
437 k
sed i386 4.0.8-4 core
116 k
setup noarch 2.5.33-1 core
29 k
shadow-utils i386 2:4.0.3-55 updates-released
671 k
sysklogd i386 1.4.1-16 core
65 k
tar i386 1.13.25-14 core
351 k
termcap noarch 11.0.1-18.1 core
237 k
tzdata noarch 2005f-1.fc2 updates-released
449 k
unzip i386 5.50-37 core
139 k
util-linux i386 2.12-19 updates-released
1.5 M
which i386 2.16-2 core
21 k
words noarch 2-22 core
137 k
zlib i386 1.2.1.2-0.fc2 updates-released
44 k
After installing all of these packages successfully, the next thing that
happens is:
Executing /usr/sbin/mock-helper
chroot /var/lib/mock/fedora-2-i386-core/root /bin/su - root -c
"/usr/sbin/useradd -m -u 500 -d /builddir mockbuild"
and at that point the "useradd" process just hangs indefinitely. I'm
told that if SELinux is disabled (I've tried permissive mode and that
doesn't help), this works. I can't see any AVCs in the logs.
Any ideas what might be causing this and how it might be fixed?
Paul.
More information about the fedora-selinux-list
mailing list