Michael Schröder
bffb5f187b
- Add selinux_transactional_update.patch to ignore errors when setting file labels during transactional updates. They will be set upon reboot once the new policy is loaded (bsc#1204605) OBS-URL: https://build.opensuse.org/request/show/1031456 OBS-URL: https://build.opensuse.org/package/show/Base:System/rpm?expand=0&rev=623
30 lines
996 B
Diff
30 lines
996 B
Diff
Index: rpm-4.17.1.1/plugins/selinux.c
|
|
===================================================================
|
|
--- rpm-4.17.1.1.orig/plugins/selinux.c
|
|
+++ rpm-4.17.1.1/plugins/selinux.c
|
|
@@ -7,6 +7,7 @@
|
|
#include <rpm/rpmlog.h>
|
|
#include <rpm/rpmts.h>
|
|
#include "lib/rpmplugin.h"
|
|
+#include <stdlib.h>
|
|
|
|
#include "debug.h"
|
|
|
|
@@ -165,9 +166,15 @@ static rpmRC selinux_fsm_file_prepare(rp
|
|
char *scon = NULL;
|
|
if (selabel_lookup_raw(sehandle, &scon, dest, file_mode) == 0) {
|
|
int conrc = lsetfilecon(path, scon);
|
|
-
|
|
if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
|
|
rc = RPMRC_OK;
|
|
+ else {
|
|
+ char *tup = getenv("TRANSACTIONAL_UPDATE");
|
|
+ if ( tup != NULL && ! strncmp( tup, "true", 4 ) ) {
|
|
+ rpmlog(RPMLOG_DEBUG, "lsetfilecon failed, will be healed upon reboot (transactional update): (%s, %s)\n", path, scon);
|
|
+ rc = RPMRC_OK;
|
|
+ }
|
|
+ }
|
|
|
|
rpmlog(loglvl(rc != RPMRC_OK), "lsetfilecon: (%s, %s) %s\n",
|
|
path, scon, (conrc < 0 ? strerror(errno) : ""));
|