Hi,

As explained in #734454 (which is different but somewhat related), the
selinuxfs on the chroot should probably be mounted as readonly so the
userspace in the chroot would think that selinux is disabled.

The proper way to set the fs read-only without interfering with the
selinuxfs from the host is to bind mount it from the host and then set
it as ro like this:

mount --bind /sys/fs/selinux /var/chroot/sys/fs/selinux
mount -o remount,ro,bind /var/chroot/sys/fs/selinux

Cheers,

Laurent Bigonville
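
A check for the result of the two mount commands above, as an added example that is not part of the original message. It assumes the mountinfo layout documented in proc(5); the function name `selinuxfs_state` is hypothetical and the sample lines (mount IDs, the /var/chroot path) are constructed.

```shell
#!/bin/sh
# Added example: report how selinuxfs is mounted at a given path.
# A read-only bind remount changes only the per-mount options (field 6 of
# mountinfo); the superblock options after the "-" separator stay "rw",
# which is why the host's own /sys/fs/selinux is unaffected.

# Constructed sample of /proc/self/mountinfo after the two mount commands.
SAMPLE_MOUNTINFO='22 27 0:20 / /sys/fs/selinux rw,relatime shared:8 - selinuxfs selinuxfs rw
105 98 0:20 / /var/chroot/sys/fs/selinux ro,relatime shared:8 - selinuxfs selinuxfs rw'

# selinuxfs_state MOUNTPOINT [MOUNTINFO_FILE]
# Prints "ro", "rw" or "absent" for the topmost selinuxfs mount at MOUNTPOINT.
# Without a file argument it reads the constructed sample above.
selinuxfs_state() {
    mp=$1
    if [ -n "${2:-}" ]; then
        data=$(cat "$2")
    else
        data=$SAMPLE_MOUNTINFO
    fi
    printf '%s\n' "$data" | awk -v mp="$mp" '
        $5 == mp {
            # Skip the optional fields; fstype follows the "-" separator.
            for (i = 7; i <= NF; i++) if ($i == "-") break
            if ($(i + 1) != "selinuxfs") next
            # Later lines are mounted on top of earlier ones, so the last wins.
            n = split($6, opts, ",")
            state = "rw"
            for (j = 1; j <= n; j++) if (opts[j] == "ro") state = "ro"
        }
        END { print (state == "" ? "absent" : state) }'
}

# Host mount stays writable, the chroot bind mount is read-only.
echo "host:   $(selinuxfs_state /sys/fs/selinux)"
echo "chroot: $(selinuxfs_state /var/chroot/sys/fs/selinux)"
```

On a live system, pass `/proc/self/mountinfo` as the second argument to check the real mounts instead of the sample.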

