From 2d9533ab7f09a6b9fc92787031b376d015898f93 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 22 Mar 2018 14:18:49 +0100
Subject: [PATCH] Revert patch to use restorecon due to unloaded selinux policy

restorecon doese not work inside the chroot, because there is no selinuxfs mounted on
/sys/fs/selinux, leading to no loaded selinux policy being loaded.
Setfiles bypasses the loaded policy, and just uses the installed policy.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 livecd-tools-revert-restorecon.patch | 20 ++++++++++++++++++++
 livecd-tools.spec                    |  6 +++++-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 livecd-tools-revert-restorecon.patch

diff --git a/livecd-tools-revert-restorecon.patch b/livecd-tools-revert-restorecon.patch
new file mode 100644
index 0000000..a431426
--- /dev/null
+++ b/livecd-tools-revert-restorecon.patch
@@ -0,0 +1,20 @@
+diff -rup livecd-tools-25.0.orig/imgcreate/kickstart.py livecd-tools-25.0/imgcreate/kickstart.py
+--- livecd-tools-25.0.orig/imgcreate/kickstart.py	2018-03-22 12:52:20.229454637 +0100
++++ livecd-tools-25.0/imgcreate/kickstart.py	2018-03-22 14:12:41.619989962 +0100
+@@ -479,12 +479,12 @@ class SelinuxConfig(KickstartConfig):
+             return
+ 
+         try:
+-            rc = subprocess.call(['restorecon', '-p', '-e', '/proc', '-e',
+-                                  '/sys', '-e', '/dev', '-F', '-R', '/'],
+-                                 preexec_fn=self.chroot)
++            rc = self.call(["/sbin/setfiles", "-p", "-e", "/proc", "-e",
++                            "/sys", "-e", "/dev",
++                            selinux.selinux_file_context_path(), "/"])
+         except OSError as e:
+             if e.errno == errno.ENOENT:
+-                logging.info('The restorecon command is not available.')
++                logging.info('The fixfiles command is not available.')
+                 return
+         if rc:
+             if ksselinux.selinux == ksconstants.SELINUX_ENFORCING:
diff --git a/livecd-tools.spec b/livecd-tools.spec
index 945cd6e..85c4b6c 100644
--- a/livecd-tools.spec
+++ b/livecd-tools.spec
@@ -10,7 +10,7 @@
 Summary: Tools for building live CDs
 Name: livecd-tools
 Version: 25.0
-Release: 5%{?dist}
+Release: 6%{?dist}
 Epoch: 1
 License: GPLv2
 Group: System Environment/Base
@@ -18,6 +18,7 @@ URL: https://github.com/livecd-tools/livecd-tools
 Source0: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.gz
 
 Patch0:	https://github.com/livecd-tools/livecd-tools/commit/491a49ff9aedf5197af3e4dcb0f50351db3cddf0.patch
+Patch1: livecd-tools-revert-restorecon.patch
 
 BuildRequires: python2-devel
 %if %{with python3}
@@ -189,6 +190,9 @@ rm -rfv %{buildroot}%{_mandir}/man8/livecd-iso-to-*
 %endif
 
 %changelog
+* Thu Mar 22 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 1:25.0-6
+- Revert patch to use restorecon due to unloaded selinux policy
+
 * Thu Mar 22 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 1:25.0-5
 - Require selinux-policy-targeted in imgcreate-sysdeps