diff --git a/shadow-4.14.0-selinux-labels.patch b/shadow-4.14.0-selinux-labels.patch new file mode 100644 index 0000000..548e8c1 --- /dev/null +++ b/shadow-4.14.0-selinux-labels.patch @@ -0,0 +1,21 @@ +commit e635d8eff074d4e00b2952e1e741cb16ad930ae1 +Author: Johannes Segitz +Date: Tue Sep 26 15:14:14 2023 +0200 + + useradd: Set proper SELinux labels also for content coming from def_usrtemplate + + Signed-off-by: Johannes Segitz + +diff --git a/src/useradd.c b/src/useradd.c +index 76a4d649..fe62a051 100644 +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -2788,7 +2788,7 @@ int main (int argc, char **argv) + if (home_added) { + copy_tree (def_template, prefix_user_home, false, true, + (uid_t)-1, user_id, (gid_t)-1, user_gid); +- copy_tree (def_usrtemplate, prefix_user_home, false, false, ++ copy_tree (def_usrtemplate, prefix_user_home, false, true, + (uid_t)-1, user_id, (gid_t)-1, user_gid); + } else { + fprintf (stderr, diff --git a/shadow.changes b/shadow.changes index 8091866..854c3b4 100644 --- a/shadow.changes +++ b/shadow.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Sep 26 13:20:59 UTC 2023 - Johannes Segitz + +- Add shadow-4.14.0-selinux-labels.patch: + Set proper SELinux labels for new homedirs. + See gh/shadow-maint/shadow#812. + ------------------------------------------------------------------- Thu Aug 17 10:14:14 UTC 2023 - Michael Vetter diff --git a/shadow.spec b/shadow.spec index 802890c..1cddfde 100644 --- a/shadow.spec +++ b/shadow.spec @@ -48,6 +48,8 @@ Patch3: shadow-login_defs-comments.patch Patch4: shadow-login_defs-suse.patch # PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions. Patch5: disable_new_audit_function.patch +# PATCH-FIX-SUSE shadow-4.14.0-selinux-labels.patch jsegitz@suse.com -- set proper SELinux labels for new homedirs, gh/shadow-maint/shadow#812 +Patch6: shadow-4.14.0-selinux-labels.patch BuildRequires: audit-devel > 2.3 BuildRequires: autoconf BuildRequires: automake @@ -116,6 +118,7 @@ Development files for libsubid4. %if 0%{?suse_version} < 1330 %patch5 -p1 %endif +%patch6 -p1 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 mv -v doc/HOWTO.utf8 doc/HOWTO