From 2953328fd0ec1eab948e2001dc2c32e298f1afc7 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Tue, 15 Jan 2019 10:34:54 -0800 Subject: [PATCH] Don't exclude /dev from the `setfiles` in `novirt_install` After a novirt disk image install, we run `setfiles` in the install root to ensure some SELinux contexts are correct. /dev is currently excluded from this run. However, as reported and discussed in https://bugzilla.redhat.com/show_bug.cgi?id=1663040 it seems that with a recent systemd change, startup of many services will fail if /dev itself is incorrectly labelled, and in current Rawhide live images, it *is* incorrectly labelled. Including `/dev` in this setfiles command appears to resolve the problem in my testing. Resolves: rhbz#1663040 Signed-off-by: Adam Williamson (cherry picked from commit 2d3f266373740f34f28626fe5ef04f06ce51735f) --- src/pylorax/installer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pylorax/installer.py b/src/pylorax/installer.py index 8908d48b..cba2c8cd 100644 --- a/src/pylorax/installer.py +++ b/src/pylorax/installer.py @@ -390,7 +390,7 @@ def novirt_install(opts, disk_img, disk_size, cancel_func=None): log.info(line) # Make sure the new filesystem is correctly labeled - setfiles_args = ["-e", "/proc", "-e", "/sys", "-e", "/dev", + setfiles_args = ["-e", "/proc", "-e", "/sys", "/etc/selinux/targeted/contexts/files/file_contexts", "/"] if "--dirinstall" in args: