Re: [Rpm-maint] [rpm-software-management/rpm] New setexecfilecon() errors on chroot installs (#1077)

Panu Matilainen Tue, 18 Feb 2020 05:00:14 -0800

Okay, the difference is rpm's own code doing:
```
    if (rc && security_getenforce() < 1)
        rc = RPMRC_OK;
```
versus libselinux setexecfilecon() doing:
```
    if (rc < 0 && security_getenforce() == 0)
        rc = 0;
```


When inside bare chroot with no /sys etc mounts, security_getenforce() fails. 
Rpm discards this, libselinux does not.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1077#issuecomment-587447928

_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint

Re: [Rpm-maint] [rpm-software-management/rpm] New setexecfilecon() errors on chroot installs (#1077)

Reply via email to