On Sun, 2005-01-09 at 21:01 -0800, Bob Kashani wrote: > On Sun, 2005-01-09 at 23:20 -0500, Colin Walters wrote: > > On Sun, 2005-01-09 at 19:51 -0800, Bob Kashani wrote: > > > > > I'm actually playing around with UML as well. :) The only issue with > > > virtualization is that you end up taking a performance hit but on the > > > other hand it does make life easier. > > > > Right. By the way, I think Xen is in rawhide now, so that could be > > worth checking out. > > Cool, I'll check it out. Thanks!!! :) > > > > I'll try your patches. But I did figure out a simple workaround. (not > > > mounting /selinux in the chroot). It seems that if you don't > > > mount /selinux in the chroot then load_policy doesn't try to install the > > > policy in the chroot into the running kernel. I have no idea why that is > > > the case. > > > > Well, loading the policy will fail since load_policy just writes data > > to /selinux/load. I'm surprised that doesn't turn into a postinst > > error. > > I just checked the selinux-policy-targeted.spec and in the %post section > at the very end there is an 'exit 0'. Just to clarify: I meant that as an observation and not as something that would cause it to fail. BTW: I have a selinux dir in my chroot but there is nothing in it. Where do the files in /selinux come from? Bob -- Bob Kashani http://www.ocf.berkeley.edu/~bobk/garnome
