Any use of emerge fails with:
ACCESS DENIED open_wr: /sys/fs/selinux/context
This is because the sandbox prohibits R/W access to /sys/fs/selinux.
It can be easily fixed by editing /etc/sandbox.conf to include RW access on /sys/fs/selinux. We need to see if we can add in this information automatically using our packages, or if we need to document it.
*** Bug 410761 has been marked as a duplicate of this bug. ***
In /usr/lib/portage/bin/misc-functions.sh, you currently allow (in sandbox) to write to /selinux. Recent SELinux systems however have their file system mounted at /sys/fs/selinux, so this location should be supported as well.
Created attachment 307913 [details, diff]
Patch to misc-functions.sh
Suggested change on misc-functions.sh
Thanks, this is in git:
This is fixed in 188.8.131.52 and 2.2.0_alpha100.
If portage has this information in its own innards, should it than still be in /usr/portage/profiles/features/selinux/profile.bashrc ?