Revert patch to use restorecon due to unloaded selinux policy
restorecon doese not work inside the chroot, because there is no selinuxfs mounted on /sys/fs/selinux, leading to no loaded selinux policy being loaded. Setfiles bypasses the loaded policy, and just uses the installed policy. Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
parent
25da73f1e4
commit
2d9533ab7f
|
@ -0,0 +1,20 @@
|
||||||
|
diff -rup livecd-tools-25.0.orig/imgcreate/kickstart.py livecd-tools-25.0/imgcreate/kickstart.py
|
||||||
|
--- livecd-tools-25.0.orig/imgcreate/kickstart.py 2018-03-22 12:52:20.229454637 +0100
|
||||||
|
+++ livecd-tools-25.0/imgcreate/kickstart.py 2018-03-22 14:12:41.619989962 +0100
|
||||||
|
@@ -479,12 +479,12 @@ class SelinuxConfig(KickstartConfig):
|
||||||
|
return
|
||||||
|
|
||||||
|
try:
|
||||||
|
- rc = subprocess.call(['restorecon', '-p', '-e', '/proc', '-e',
|
||||||
|
- '/sys', '-e', '/dev', '-F', '-R', '/'],
|
||||||
|
- preexec_fn=self.chroot)
|
||||||
|
+ rc = self.call(["/sbin/setfiles", "-p", "-e", "/proc", "-e",
|
||||||
|
+ "/sys", "-e", "/dev",
|
||||||
|
+ selinux.selinux_file_context_path(), "/"])
|
||||||
|
except OSError as e:
|
||||||
|
if e.errno == errno.ENOENT:
|
||||||
|
- logging.info('The restorecon command is not available.')
|
||||||
|
+ logging.info('The fixfiles command is not available.')
|
||||||
|
return
|
||||||
|
if rc:
|
||||||
|
if ksselinux.selinux == ksconstants.SELINUX_ENFORCING:
|
|
@ -10,7 +10,7 @@
|
||||||
Summary: Tools for building live CDs
|
Summary: Tools for building live CDs
|
||||||
Name: livecd-tools
|
Name: livecd-tools
|
||||||
Version: 25.0
|
Version: 25.0
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
|
@ -18,6 +18,7 @@ URL: https://github.com/livecd-tools/livecd-tools
|
||||||
Source0: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.gz
|
Source0: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.gz
|
||||||
|
|
||||||
Patch0: https://github.com/livecd-tools/livecd-tools/commit/491a49ff9aedf5197af3e4dcb0f50351db3cddf0.patch
|
Patch0: https://github.com/livecd-tools/livecd-tools/commit/491a49ff9aedf5197af3e4dcb0f50351db3cddf0.patch
|
||||||
|
Patch1: livecd-tools-revert-restorecon.patch
|
||||||
|
|
||||||
BuildRequires: python2-devel
|
BuildRequires: python2-devel
|
||||||
%if %{with python3}
|
%if %{with python3}
|
||||||
|
@ -189,6 +190,9 @@ rm -rfv %{buildroot}%{_mandir}/man8/livecd-iso-to-*
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Mar 22 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 1:25.0-6
|
||||||
|
- Revert patch to use restorecon due to unloaded selinux policy
|
||||||
|
|
||||||
* Thu Mar 22 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 1:25.0-5
|
* Thu Mar 22 2018 Patrick Uiterwijk <puiterwijk@redhat.com> - 1:25.0-5
|
||||||
- Require selinux-policy-targeted in imgcreate-sysdeps
|
- Require selinux-policy-targeted in imgcreate-sysdeps
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue