[systemd-devel] systemd and chroot()
Matthew Garrett
mjg59 at google.com
Tue Jun 4 16:45:41 UTC 2019
On Tue, Jun 4, 2019 at 9:42 AM Steve Dickson <SteveD at redhat.com> wrote:
> AVC avc: denied { sys_chroot } for pid=2919 comm="rpc.mountd" capability=18 scontext=system_u:system_r:nfsd_t:s0 tcontext=system_u:system_r:nfsd_t:s0 tclass=capability permissive=0
This is an SELinux policy violation, nothing to do with systemd.
You're probably not seeing it when you run the daemon by hand because
the SELinux policy doesn't specify a transition in that case, so the
daemon doesn't end up running in the confined context.
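
An added example, not part of the original message: a small Python parser that reads the quoted AVC record and shows that the denial is scoped to the `nfsd_t` domain, so a process started outside that domain is not subject to it. The function names and the `unconfined_t` shell context are assumptions chosen for illustration.

```python
import re

# Denial record quoted in the message above.
SAMPLE = ('AVC avc: denied { sys_chroot } for pid=2919 comm="rpc.mountd" '
          'capability=18 scontext=system_u:system_r:nfsd_t:s0 '
          'tcontext=system_u:system_r:nfsd_t:s0 tclass=capability permissive=0')

# Constructed context for a daemon started by hand from an admin shell
# (assumed: no domain transition, so it keeps the shell's domain).
HAND_RUN = 'unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023'

AVC_RE = re.compile(r'avc:\s+(denied|granted)\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Split an AVC record into result, permission list and key=value fields."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(3))}
    return {"result": m.group(1), "perms": m.group(2).split(), **fields}

def domain(context):
    """Return the type (domain) field of a user:role:type[:level] context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def summarize(rec):
    src, tgt = domain(rec["scontext"]), domain(rec["tcontext"])
    return {
        "process": rec.get("comm"),
        "source_domain": src,
        # A capability check targets the process's own domain.
        "self_capability": rec["tclass"] == "capability" and src == tgt,
        # permissive=0 means the denial was enforced, not just logged.
        "enforced": rec["result"] == "denied" and rec.get("permissive") == "0",
        "perms": rec["perms"],
    }

def in_denied_domain(rec, process_context):
    """True if a process with this context runs in the domain the record names."""
    return domain(process_context) == domain(rec["scontext"])

if __name__ == "__main__":
    rec = parse_avc(SAMPLE)
    print(summarize(rec))
    print("hand-run process in nfsd_t:", in_denied_domain(rec, HAND_RUN))
```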