Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx): > "Serge E. Hallyn" <serge@xxxxxxxxxx> writes: > > > Note you need the following bit on top of your patch to make newuidmap > > and newgidmap link against libselinux. Otherwise selinux-enabled builds > > (default in ubuntu) fail. > > Interesting. I can't imagine what brings in libselinux. But I am in > favor of whatever works. FWIW, it came in through libshadow (presumably shadowio.c which includes commonio, which calls set_selinux_file_context). Oh, I also see newuidmap.c #including subordinateio which includes commonio. libtool: link: gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -Wl,-Bsymbolic-functions -Wl,-z -Wl,relro -o newgidmap newgidmap.o ../libmisc/libmisc.a ../lib/.libs/libshadow.a ../lib/.libs/libshadow.a(selinux.o): In function `set_selinux_file_context': /build/buildd/shadow-4.1.5.1/lib/selinux.c:64: undefined reference to `matchpathcon' /build/buildd/shadow-4.1.5.1/lib/selinux.c:70: undefined reference to `setfscreatecon' /build/buildd/shadow-4.1.5.1/lib/selinux.c:75: undefined reference to `freecon' /build/buildd/shadow-4.1.5.1/lib/selinux.c:58: undefined reference to `is_selinux_enabled' /build/buildd/shadow-4.1.5.1/lib/selinux.c:65: undefined reference to `security_getenforce' /build/buildd/shadow-4.1.5.1/lib/selinux.c:71: undefined reference to `security_getenforce' ../lib/.libs/libshadow.a(selinux.o): In function `reset_selinux_file_context': /build/buildd/shadow-4.1.5.1/lib/selinux.c:94: undefined reference to `setfscreatecon' /build/buildd/shadow-4.1.5.1/lib/selinux.c:90: undefined reference to `is_selinux_enabled' collect2: error: ld returned 1 exit status _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
