Hello,
I'm trying to package virt-bootstrap [0], but various tests fail due to
SELinux. I know some selinux basics from redhat's selinux manual [1],
but am unsure about how to approach the issue.
For example, the following command - extracted from a failing test -
fails due to SELinux:
```
virt-sandbox -c qemu:///session --name=bootstrap_26639 -m host-bind:/mnt=/tmp/tmps77ywg1n_bootstrap_dest -- /bin/tar xf /tmp/tmp8gca1fzq_bootstrap_tarfiles/b52c708f02ff0ee783331f23f723ed9123dfc72994e19d1c33f3bd5db723007a.tar -C /mnt --exclude "dev/*" --overwrite --absolute-names
```
```
type=AVC msg=audit(1525329618.892:19448): avc: denied { read } for pid=31860 comm="qemu-system-x86" name="config" dev="dm-3" ino=4589515 scontext=unconfined_u:unconfined_r:svirt_t:s0:c422,c725 tcontext=unconfined_u:object_r:gconf_home_t:s0 tclass=dir permissive=0
```
I also attached the related specfile to this email. I would appreciate
if someone could take a few minutes to redirect me.
[0] https://github.com/virt-manager/virt-bootstrap
[1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/part_i-selinux
Thanks !
--
Timothée Floure
%global debug_package %{nil}
Name: virt-bootstrap
Version: 1.0.0
Release: 1%{?dist}
Summary: Easy way to setup the root file system for libvirt-based containers
License: GPLv3
URL: https://github.com/virt-manager/%{name}
Source0: https://github.com/virt-manager/%{name}/archive/v%{version}.tar.gz
BuildArch: noarch
BuildRequires: python3-devel
BuildRequires: perl-podlators
BuildRequires: sed
# Provides virt-sandbox
BuildRequires: libvirt-sandbox
# Provides virt-builder
BuildRequires: libguestfs-tools-c
BuildRequires: python3-libguestfs
BuildRequires: python3-passlib
BuildRequires: python3-mock
Requires: skopeo
# Provides virt-sandbox
Requires: libvirt-sandbox
# Provides virt-builder
Requires: libguestfs-tools-c
Requires: python3-libguestfs
Requires: python3-passlib
%description
%{summary}.
%prep
%setup -q
%build
%py3_build
%install
%py3_install
sed -i 's|#!/usr/bin/env python|#!/usr/bin/python|' \
%{buildroot}%{python3_sitelib}/virtBootstrap/virt_bootstrap.py
chmod +x %{buildroot}%{python3_sitelib}/virtBootstrap/virt_bootstrap.py
%check
%{__python3} setup.py test
%files
%license LICENSE
%doc README.md
%{_bindir}/%{name}
%{python3_sitelib}/*
%{_mandir}/man1/%{name}.1*
%changelog
* Mon Apr 30 2018 Timothée Floure <fnux@xxxxxxxxxxxxxxxxx> - 1.0.0-1
- Let there be package
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/EYYT6HPMNJXQNFRUR3BA3NLVCFLY6RMA/
