almalinux/lorax
14
1
Fork 0
Code Issues Pull Requests Releases Activity

Remove setfiles from mkrootfsimage

Browse Source 
SELinux applies the correct labels, setfiles is no longer needed.
This allows lorax to run with SELinux in Enforcing mode.

Resolves: rhbz#1654795
This commit is contained in:
Brian C. Lane 2018-11-14 12:00:19 -08:00
parent 482d6277e0
commit 6b17850739
1 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/pylorax/imgutils.py
View File

@ -102,13 +102,6 @@ def mkrootfsimg(rootdir, outfile, label, size=2, sysroot=""):
fssize = None # Let mkext4img figure out the needed size fssize = None # Let mkext4img figure out the needed size
mkext4img(rootdir, outfile, label=label, size=fssize) mkext4img(rootdir, outfile, label=label, size=fssize)
# Reset selinux context on new rootfs
with LoopDev(outfile) as loopdev:
with Mount(loopdev) as mnt:
cmd = [ "setfiles", "-e", "/proc", "-e", "/sys", "-e", "/dev", "-e", "/install",
"/etc/selinux/targeted/contexts/files/file_contexts", "/"]
root = join(mnt, sysroot.lstrip("/"))
runcmd(cmd, root=root)
def mkdiskfsimage(diskimage, fsimage, label="Anaconda"): def mkdiskfsimage(diskimage, fsimage, label="Anaconda"):
""" """
@ -189,7 +182,7 @@ def loop_attach(outfile):
except CalledProcessError: except CalledProcessError:
# Problems running losetup are always errors, raise immediately # Problems running losetup are always errors, raise immediately
raise raise
except RuntimeError as e: except RuntimeError:
# Try to setup the loop device 3 times # Try to setup the loop device 3 times
if retries == 3: if retries == 3:
logger.error("loop_attach failed, retries exhausted.") logger.error("loop_attach failed, retries exhausted.")