Since mock 0.9.x (I think), mock has dropped the SUID helper and become
a consolehelper-based application. So /usr/bin/mock, which used to be a
regular file labelled as unconfined_notrans_exec_t, is now a symlink to
/usr/sbin/mock. As a result of this, mock now does domain transitions
and that results in some AVCs.
I think that labelling /usr/sbin/mock as unconfined_notrans_exec_t
should fix it.
I believe this currently affects Fedora 8 and Rawhide but not (yet)
Fedora 7.
Paul.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
