From 5c57870019809ed3d4c97f86a0d1336d66661f08 Mon Sep 17 00:00:00 2001
From: Ondrej Mosnacek <omosnace@redhat.com>
Date: Fri, 8 Nov 2019 12:47:09 +0100
Subject: [PATCH] Enable policy optimization

The new v3.0 SELInux userspace added support for optimizing the binary
policy by pruning redundant rules from it. Enable it on Fedora by
default, since it brings noticeable space savings and only negligibly
increases policy build time.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
 libsemanage.spec | 5 ++++-
 semanage.conf    | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/libsemanage.spec b/libsemanage.spec
index 6818844..b62de00 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -4,7 +4,7 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsemanage
 Version: 3.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: LGPLv2+
 Source0: https://github.com/SELinuxProject/selinux/releases/download/20191204/libsemanage-3.0.tar.gz
 # fedora-selinux/selinux: git format-patch -N libsemanage-3.0 -- libsemanage
@@ -156,6 +156,9 @@ sed -i '1s%\(#! */usr/bin/python\)\([^3].*\|\)$%\13\2%' %{buildroot}%{_libexecdi
 %{_libexecdir}/selinux/semanage_migrate_store
 
 %changelog
+* Wed Jan 22 2020 Ondrej Mosnacek <omosnace@redhat.com> - 3.0-2
+- Enable policy optimization
+
 * Fri Dec  6 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-1
 - SELinux userspace 3.0 release
 
diff --git a/semanage.conf b/semanage.conf
index 9045021..ca21c5b 100644
--- a/semanage.conf
+++ b/semanage.conf
@@ -50,6 +50,7 @@ usepasswd=False
 bzip-small=true
 bzip-blocksize=5
 ignoredirs=/root
+optimize-policy=true
 
 [sefcontext_compile]
 path = /usr/sbin/sefcontext_compile