Bug#384389: [Pbuilder-maint] Bug#384389: pbuilder: SELinux support,
first step: mount /selinux
Erich Schubert
erich at debian.org
Thu Aug 24 18:51:01 UTC 2006
Hi,
> > if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
> Is this condition enough to determine /selinux is mountable ?
If selinux is enabled, /selinux has to be mounted AFAIK.
So AFAIK that is the best way to test that selinux is enabled.
> > mkdir -p $BUILDPLACE/selinux
> This directory may already exist, so error should be ignored
Thats what the -p is good for. $BUILDPLACE already exists. And I added
it just below the same statement for $BUILDPLACE/proc
> > mount -t selinuxfs /selinux "$BUILDPLACE/selinux"
> Is 'selinuxfs' always available when the above condition is true?
I think so. The mount may however fail in enforcing mode, but thats a
policy issue. If it fails and selinux above is enabled, pbuilder likely
will not work with the same symptoms I had without these lines anyway -
su requiring a password. So what can get worse?
best regards,
Erich Schubert
--
erich@(vitavonni.de|debian.org) -- GPG Key ID: 4B3A135C (o_
Go away or i'll replace you with a very small shell script. //\
Wenn zwei gute Freunde sind, die einander kennen, Sonn' und Mond V_/_
begegnen sich, ehe sie sich trennen. --- Clemens von Brentano
More information about the Pbuilder-maint
mailing list