[DSE-Dev] Bug#776205: selinux-basics: dbus uninstallable in lxc container due to selinux
Laurent Bigonville
bigon at debian.org
Sun Sep 20 19:03:17 UTC 2015
On Sun, 25 Jan 2015 14:49:46 +0100 =?utf-8?B?RsOpbGl4?= Sipma
<felix+debian at gueux.org> wrote:
Hi,
> Woops... selinux is actually installed and enabled (permissive mode) on
> the host
The problem here is probably that the selinuxfs (under /sys/fs/selinux)
is not mounted at all or mounted r/w in the lxc container.
You should bind mount it read-only inside the container with something
like this in the container fstab:
/sys/fs/selinux /var/lib/lxc/myContainer/rootfs/sys/fs/selinux none
bind,ro 0,0
This way the selinux aware application will think that selinux is
disable and will not bother trying to do anything with it
Cheers,
Laurent Bigonville
More information about the SELinux-devel
mailing list