mock context needs updating

Paul Howarth paul at city-fan.org
Tue Mar 4 13:26:59 UTC 2008


Since mock 0.9.x (I think), mock has dropped the SUID helper and become 
a consolehelper-based application. So /usr/bin/mock, which used to be a 
regular file labelled as unconfined_notrans_exec_t, is now a symlink to 
/usr/sbin/mock. As a result of this, mock now does domain transitions 
and that results in some AVCs.

I think that labelling /usr/sbin/mock as unconfined_notrans_exec_t 
should fix it.

I believe this currently affects Fedora 8 and Rawhide but not (yet) 
Fedora 7.

Paul.




More information about the fedora-selinux-list mailing list