I guess that this bug is now solved with the recent version of
libselinux?
** Changed in: libselinux (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libselinux in Ubuntu.
https://bugs.launchpad.net/bugs/1424795
Title:
Old libselinux in Precise breaks things in Docker on SELinux-enabled
host
Status in libselinux package in Ubuntu:
Incomplete
Bug description:
In a Docker container running on an SELinux capable kernel, the fact
that /sys is mounted RO is supposed to signal to the container that
SELinux is not supported on the inside, so it doesn't try to do things
that won't work. The version of libselinux in Ubuntu 12.04 is too old
to have the above check, breaking basic functionality like shadow-
utils.
RHEL 6 had the same problem; their fix was to update libselinux:
https://bugzilla.redhat.com/show_bug.cgi?id=1112748
Previously reported downstream: https://github.com/tianon/docker-brew-
ubuntu-core/issues/29
Release: Ubuntu 12.04.5 LTS
Installed package version: 2.1.0-4.1ubuntu1
Expected results:
# useradd test
<success>
# id -Z
id: --context (-Z) works only on an SELinux-enabled kernel
Actual results:
root@b55e77ab9ef4:/# useradd test
useradd: failure while writing changes to /etc/passwd
root@b55e77ab9ef4:/# vipw
vipw: setfscreatecon () failed: Permission denied
vipw: /etc/passwd is unchanged
root@b55e77ab9ef4:/# id -Z
system_u:system_r:svirt_lxc_net_t:s0:c14,c127
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libselinux/+bug/1424795/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
