On Tue, 2007-08-07 at 16:42 -0500, Douglas McClendon wrote: > This might be the wrong list to be asking this, but out of curiosity- > > Why can't relabeling be done if the host is running with selinux > disabled? (selinux=0) > It's just writing some metadata to the fs right? Seems like it should > be possible.
Because the kernel developers have deemed it unsafe to write out any security xattrs which aren't understood by the kernel. The fact that they then get mapped to unlabeled_t doesn't seem to make much difference. Frankly, I think they're wrong, but lengthy attempts to convince them in the past have been unsuccessful. Maybe it's worth tilting at that windmill again. Dunno. > And on a seperate note, I agree that prelinking really ought to be done > in %post. That's something that a kickstart user might be interested in > doing in the non-livecd case as well, for the same reasons, right? Yep. Jeremy -- Fedora-livecd-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-livecd-list
