Please don't make me do stupid dances (aka results dir is created before SELinux status is checked) #163

Closed
AdamWill opened this issue Oct 3, 2016 · 4 comments
AdamWill commented Oct 3, 2016

```
[root@adam live]# lorax -p Fedora -v 25 -r 25 -s https://kojipkgs.fedoraproject.org/compose/branched/Fedora-25-20161003.n.0/compose/Everything/x86_64/os -s https://www.happyassassin.net/temp/repo/x86_64 ./results/
2016-10-03 15:50:40,029: Added 'lorax-repo-0': https://kojipkgs.fedoraproject.org/compose/branched/Fedora-25-20161003.n.0/compose/Everything/x86_64/os
2016-10-03 15:50:40,030: Fetching metadata...
2016-10-03 15:50:45,701: Added 'lorax-repo-1': https://www.happyassassin.net/temp/repo/x86_64
2016-10-03 15:50:45,701: Fetching metadata...
2016-10-03 15:50:58,950: checking for root privileges
checking for root privileges
2016-10-03 15:50:58,950: checking the selinux mode
checking the selinux mode
2016-10-03 15:50:58,951: selinux must be disabled or in Permissive mode
selinux must be disabled or in Permissive mode
[root@adam live]# setenforce Permissive
[root@adam live]# lorax -p Fedora -v 25 -r 25 -s https://kojipkgs.fedoraproject.org/compose/branched/Fedora-25-20161003.n.0/compose/Everything/x86_64/os -s https://www.happyassassin.net/temp/repo/x86_64 ./results/
usage: lorax [-h] -p PRODUCT -v VERSION -r RELEASE [-s REPOSITORY]
             [--repo REPOSITORY] [-m REPOSITORY] [-t VARIANT] [-b URL]
             [--isfinal] [-c CONFIGFILE] [--proxy HOST] [-i PACKAGE]
             [--buildarch ARCH] [--volid VOLID] [--macboot] [--nomacboot]
             [--noupgrade] [--logfile LOGFILE] [--tmp TMP]
             [--cachedir CACHEDIR] [--workdir WORKDIR] [--force]
             [--add-template ADD_TEMPLATES]
             [--add-template-var ADD_TEMPLATE_VARS]
             [--add-arch-template ADD_ARCH_TEMPLATES]
             [--add-arch-template-var ADD_ARCH_TEMPLATE_VARS] [--noverify]
             [--sharedir SHAREDIR] [--enablerepo [repo]]
             [--disablerepo [repo]] [--rootfs-size ROOTFS_SIZE] [-V]
             OUTPUTDIR
lorax: error: output directory /home/adamw/local/live/results should not exist.
```

just check the SELinux status before creating the output directory, and I won't look like an idiot every damn time I run lorax...:)

vpodzime commented Oct 4, 2016

Same here. :)

bcl commented Oct 4, 2016

Better yet is to collect the possible errors and display them all at once instead of failing immediately. See livemedia-creator for example.

bcl self-assigned this Apr 25, 2018
bcl added a commit that referenced this issue Apr 26, 2018
bcl closed this as completed Apr 26, 2018
@AdamWill

Yay! But don't we now have the same check twice?

```python
# is selinux disabled?
# With selinux in enforcing mode the rpcbind package required for
# dracut nfs module, which is in turn required by anaconda module,
# will not get installed, because it's preinstall scriptlet fails,
# resulting in an incomplete initial ramdisk image.
# The reason is that the scriptlet runs tools from the shadow-utils
# package in chroot, particularly groupadd and useradd to add the
# required rpc group and rpc user. This operation fails, because
# the selinux context on files in the chroot, that the shadow-utils
# tools need to access (/etc/group, /etc/passwd, /etc/shadow etc.),
# is wrong and selinux therefore disallows access to these files.
logger.info("checking the selinux mode")
if selinux.is_selinux_enabled() and selinux.security_getenforce():
    logger.critical("selinux must be disabled or in Permissive mode")
    sys.exit(1)
```

I guess that should stay for things using pylorax but not lorax CLI...if there are any?

bcl commented Apr 26, 2018

Yes, that's there to catch any library users.

bcl added a commit to bcl/lorax that referenced this issue May 16, 2018
This closes issue weldr#163

(cherry picked from commit dc348fa)
bcl added a commit to bcl/lorax that referenced this issue May 17, 2018
This closes issue weldr#163

(cherry picked from commit dc348fa)
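
The ordering problem reported above and the "collect the possible errors and display them all at once" suggestion, as an added sketch that is not lorax's or livemedia-creator's code. The function names, the root-privilege message and reading `/sys/fs/selinux/enforce` in place of the `selinux` Python bindings are assumptions made so the example runs without extra modules.

```python
import os
import tempfile


def selinux_enforcing(enforce_path="/sys/fs/selinux/enforce"):
    """True only when SELinux is enabled and enforcing.

    Assumption: a missing selinuxfs file is treated as SELinux disabled.
    """
    try:
        with open(enforce_path) as f:
            return f.read().strip() == "1"
    except OSError:
        return False


def preflight(outputdir, euid=None, enforcing=None):
    """Collect every blocking problem without touching the filesystem."""
    euid = os.geteuid() if euid is None else euid
    enforcing = selinux_enforcing() if enforcing is None else enforcing
    errors = []
    if euid != 0:
        errors.append("root privileges are required")  # constructed message
    if enforcing:
        errors.append("selinux must be disabled or in Permissive mode")
    if os.path.exists(outputdir):
        errors.append("output directory %s should not exist." % outputdir)
    return errors


def run(outputdir, euid=None, enforcing=None):
    """Create outputdir only after all checks pass; return the error list."""
    errors = preflight(outputdir, euid, enforcing)
    if not errors:
        os.makedirs(outputdir)  # first side effect happens after the checks
    return errors


if __name__ == "__main__":
    out = os.path.join(tempfile.mkdtemp(), "results")
    # Constructed scenario: root, SELinux enforcing. Nothing is created.
    print(run(out, euid=0, enforcing=True), os.path.exists(out))
    # After `setenforce Permissive` the same command line works unchanged.
    print(run(out, euid=0, enforcing=False), os.path.exists(out))
```

Because no directory is created until the error list is empty, a failed SELinux check leaves nothing behind to trip the "should not exist" check on the next run.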