From 70cb8675a3ec26a3085458089a2d8cc1b735527b5e44f7e2f271f25f06df0bd7 Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Wed, 8 May 2024 11:46:50 +0000
Subject: [PATCH] Accepting request 1172709 from
 home:jsegitz:branches:security:SELinux_varrun

- Fixed varrun-convert.sh script to not break because of duplicate
  entries

OBS-URL: https://build.opensuse.org/request/show/1172709
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=220
---
 selinux-policy.changes |  6 ++++++
 varrun-convert.sh      | 12 +++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/selinux-policy.changes b/selinux-policy.changes
index f4a57b2..0fe9e81 100644
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed May  8 11:06:43 UTC 2024 - Johannes Segitz <jsegitz@suse.com>
+
+- Fixed varrun-convert.sh script to not break because of duplicate
+  entries
+
 -------------------------------------------------------------------
 Mon May  6 07:44:20 UTC 2024 - Johannes Segitz <jsegitz@suse.com>
 
diff --git a/varrun-convert.sh b/varrun-convert.sh
index b41b5ca..270ce1e 100644
--- a/varrun-convert.sh
+++ b/varrun-convert.sh
@@ -37,6 +37,7 @@ if ! grep -q ^/var/run ${FILE_CONTEXTS}; then
 fi
 
 EXTRA_VARRUN_ENTRIES_WITHDUP="$OUTPUTDIR/extra_varrun_entries_dup.txt"
+EXTRA_VARRUN_ENTRIES_WITHDUP_TMP="$OUTPUTDIR/extra_varrun_entries_dup.tmp"
 EXTRA_VARRUN_ENTRIES="$OUTPUTDIR/extra_varrun_entries.txt"
 EXTRA_VARRUN_CIL="$OUTPUTDIR/extra_varrun.cil"
 
@@ -47,12 +48,21 @@ grep ^/var/run ${FILE_CONTEXTS} > ${EXTRA_VARRUN_ENTRIES_WITHDUP}
 sed -i 's/[ \t]\+/ /g' ${EXTRA_VARRUN_ENTRIES_WITHDUP}
 sed 's/[ \t]\+/ /g' ${FILE_CONTEXTS} > ${FILE_CONTEXTS_UNIFIED}
 
+rm -f $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
+touch $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
 # Deduplicate already existing /var/run=/run entries
 while read line
 do
   subline="${line#/var}"
   if ! grep -q "^${subline}" ${FILE_CONTEXTS_UNIFIED}; then
-    echo "$line"
+    # check for overal duplicate entries
+    subline2=$(echo $line | sed -E -e 's/ \S+$//')
+    if ! grep -q "^${subline2}" ${EXTRA_VARRUN_ENTRIES_WITHDUP_TMP}; then
+      echo "$line"
+      echo "$line" >> $EXTRA_VARRUN_ENTRIES_WITHDUP_TMP
+    else
+      >&2 echo "DUP: $line"
+    fi
   fi
 done < ${EXTRA_VARRUN_ENTRIES_WITHDUP} > ${EXTRA_VARRUN_ENTRIES}