From 4a4a415f8836c6e114d97d45cac06f841e8a9947 Mon Sep 17 00:00:00 2001
From: "Brian C. Lane" <bcl@redhat.com>
Date: Tue, 13 Nov 2018 11:25:12 -0800
Subject: [PATCH] Remove setfiles from mkrootfsimage

SELinux applies the correct labels, setfiles is no longer needed.
This allows lorax to run with SELinux in Enforcing mode.

(cherry picked from commit 8b11705ea0697dc2ac59f482de3891f4ed03ef19)
---
 src/pylorax/imgutils.py | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/src/pylorax/imgutils.py b/src/pylorax/imgutils.py
index 9e88fbb3..d8d0fb67 100644
--- a/src/pylorax/imgutils.py
+++ b/src/pylorax/imgutils.py
@@ -112,19 +112,6 @@ def mkrootfsimg(rootdir, outfile, label, size=2, sysroot=""):
         fssize = None       # Let mkext4img figure out the needed size
 
     mkext4img(rootdir, outfile, label=label, size=fssize)
-    # Reset selinux context on new rootfs
-    with LoopDev(outfile) as loopdev:
-        with Mount(loopdev) as mnt:
-            cmd = [ "setfiles", "-e", "/proc", "-e", "/sys", "-e", "/dev",
-                    "-e", "/install", "-e", "/ostree",
-                    "/etc/selinux/targeted/contexts/files/file_contexts", "/"]
-            root = join(mnt, sysroot.lstrip("/"))
-            try:
-                runcmd(cmd, root=root)
-            except CalledProcessError as e:
-                logger.error("setfiles exited with a non-zero return code (%d) which may "
-                             "be caused by running without SELinux in Permissive mode.", e.returncode)
-                raise
 
 
 ######## Utility functions ###############################################