Le Ven 27 janvier 2006 17:29, Steve Brueckner a écrit : > I'm creating an SELinux-enabled Xen VM on FC4. I create the file system > for > the VM by copying the filesystem from the underlying host. For the very > first boot of the VM, I have it /.auotrelabel. However, when I then try > to > install an rpm inside the VM I get an avc denied, even though I can > install > the same rpm on the underlying host just fine. Even stranger, if I reboot > the VM once, I then have no problem installing the rpm inside of it. I strongly suspect autorelabel is WAY BROKEN right now, meaning in many cases after a relabel the system should reboot but doesn't (ie the new policy is not effective after the relabeling before a reboot has occurred, in fact I wonder what exact policy mashup applies till then) This could be related to https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178125 I haven't have the time to do a complete investigation I may be totally wrong but that's how things look like from there -- Nicolas Mailhot -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
