[DSE-Dev] [PATCH] Mount selinuxfs read-only and on new location when possible

Holger Levsen holger at layer-acht.org
Thu May 1 17:12:50 UTC 2014


control: tags -1 + pending
thanks

Hi Laurent,

On Donnerstag, 1. Mai 2014, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon at bigon.be>
> 
> We need to mount the selinuxfs read-only inside the chroot to make the
> userspace think that selinux is disabled. This is required, otherwise
> dpkg will fail as no policy is installed in the chroot.
> 
> We are also moving the mountpoint of the selinuxfs from /selinux to
> /sys/fs/selinux if the /selinux directory is not present on disk. This
> directory has been removed in jessie.
> ---

thanks for the patch, I've merged it into the develop branch now.


cheers,
	Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20140501/fe09a7ef/attachment.sig>


More information about the SELinux-devel mailing list