testing/rpm
SHA256
3
0
Fork 0
forked from pool/rpm
Code Pull Requests Activity

Accepting request 1031456 from home:jsegitz:branches:openSUSE:Factory

Browse Source 
- Add selinux_transactional_update.patch to ignore errors when setting
  file labels during transactional updates. They will be set upon
  reboot once the new policy is loaded (bsc#1204605)

OBS-URL: https://build.opensuse.org/request/show/1031456
OBS-URL: https://build.opensuse.org/package/show/Base:System/rpm?expand=0&rev=623
This commit is contained in:
Michael Schröder 2022-11-10 11:59:16 +00:00 committed by Git OBS Bridge
parent e72ca91119
commit bffb5f187b
3 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
rpm.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Oct 25 12:15:12 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
- Add selinux_transactional_update.patch to ignore errors when setting
file labels during transactional updates. They will be set upon
reboot once the new policy is loaded (bsc#1204605)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Sep 23 11:06:06 UTC 2022 - Stephan Kulow <coolo@suse.com> Fri Sep 23 11:06:06 UTC 2022 - Stephan Kulow <coolo@suse.com>

2
rpm.spec
View File

@ -111,6 +111,7 @@ Patch123: nextiteratorheaderblob.diff
Patch131: posttrans.diff Patch131: posttrans.diff
Patch133: zstdpool.diff Patch133: zstdpool.diff
Patch134: zstdthreaded.diff Patch134: zstdthreaded.diff
Patch135: selinux_transactional_update.patch
# touches a generated file # touches a generated file
Patch180: whatrequires-doc.diff Patch180: whatrequires-doc.diff
Patch6464: auto-config-update-aarch64-ppc64le.diff Patch6464: auto-config-update-aarch64-ppc64le.diff
@ -222,6 +223,7 @@ rm -rf sqlite
%patch -P 100 -P 102 -P 103 %patch -P 100 -P 102 -P 103
%patch -P 117 %patch -P 117
%patch -P 122 -P 123 -P 131 -P 133 -P 134 %patch -P 122 -P 123 -P 131 -P 133 -P 134
%patch -p1 -P 135
%patch -P 180 %patch -P 180
%ifarch aarch64 ppc64le riscv64 %ifarch aarch64 ppc64le riscv64

29
selinux_transactional_update.patch Normal file
View File

@ -0,0 +1,29 @@
Index: rpm-4.17.1.1/plugins/selinux.c
===================================================================
--- rpm-4.17.1.1.orig/plugins/selinux.c
+++ rpm-4.17.1.1/plugins/selinux.c
@@ -7,6 +7,7 @@
#include <rpm/rpmlog.h>
#include <rpm/rpmts.h>
#include "lib/rpmplugin.h"
+#include <stdlib.h>
#include "debug.h"
@@ -165,9 +166,15 @@ static rpmRC selinux_fsm_file_prepare(rp
char *scon = NULL;
if (selabel_lookup_raw(sehandle, &scon, dest, file_mode) == 0) {
int conrc = lsetfilecon(path, scon);
-
if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
rc = RPMRC_OK;
+ else {
+ char *tup = getenv("TRANSACTIONAL_UPDATE");
+ if ( tup != NULL && ! strncmp( tup, "true", 4 ) ) {
+ rpmlog(RPMLOG_DEBUG, "lsetfilecon failed, will be healed upon reboot (transactional update): (%s, %s)\n", path, scon);
+ rc = RPMRC_OK;
+ }
+ }
rpmlog(loglvl(rc != RPMRC_OK), "lsetfilecon: (%s, %s) %s\n",
path, scon, (conrc < 0 ? strerror(errno) : ""));