[Rpm-maint] [Patch] Get RPM to not put down SELinux labels if NOCONTEXTS flag is enabled

Panu Matilainen pmatilai at laiskiainen.org
Wed Aug 11 06:19:19 UTC 2010


On Wed, 14 Jul 2010, Thomas Liu wrote:

> Hi,
>
> Dan Walsh and I have been working on confining mock builds with SELinux. 
> As part of this process, we needed rpm to not put down SELinux labels 
> inside the chroot, and wanted to accomplish this with the NOCONTEXTS 
> flag, which this patch gets rpm to honor.

Rpm does honor RPMTRANS_FLAG_NOCONTEXTS for not putting down SELinux 
labels as it AFAICT. What's the exact problem this is supposed to solve? 
The only place that I can think of where this change might matter is 
rpm_execcon() getting called when NOCONTEXTS is used and you'd want 
regular execv(), or am I missing something?

 	- Panu -


More information about the Rpm-maint mailing list