Hi, when trying to setup FC2 chroots on FC3 hosts I get a lot of selinux errors. The filesystem in question has the following (default) security contexts in place: root:object_r:default_t (fs is mounted beneath /data in permissive/targeted mode) The errors look like the following: cracklib-dicts ################################################## +error: unpacking of archive failed on file /usr/lib64/cracklib_dict.hwm: cpio: lsetfilecon failed - Inappropriate ioctl for device sed ################################################## libattr ################################################## libacl ################################################## coreutils ################################################## +error: unpacking of archive failed on file /usr/sbin/chroot: cpio: lsetfilecon failed - Inappropriate ioctl for device It looks like these FC2 packages have stored security contexts in the archive and rpm cannot recreate them. a) Why cannot rpm recreate the security contexts? Do I need some special policies to allow setting up chroots into /some/path/to/chroot? b) Why does this only occur in FC2 and not FC3 chroots? Don't FC3 packages contain security contexts anymore (namely coreutils and cracklib-dicts)? Perhaps because of the above? c) Should rpm handle these failures more gracefully, i.e. have a switch to turn them into warnings? Thanks! -- Axel.Thimm at ATrpms.net
Attachment:
pgpSLW8WFvcKx.pgp
Description: PGP signature
_______________________________________________ Rpm-list mailing list Rpm-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/rpm-list
