Use selinux boolean to enable writing

Resolves: rhbz#1569466
This commit is contained in:
Petr Menšík 2018-05-28 20:34:31 +02:00
parent 5c4c792b8d
commit e3d0b186d1

View File

@ -32,6 +32,7 @@
%if %{with SDB}
%global chroot_sdb_prefix %{bind_dir}/chroot_sdb
%endif
%global selinuxbooleans named_write_master_zones=1
## The order of libs is important. See lib/Makefile.in for details
%define bind_export_libs isc dns isccfg irs
%{!?_export_dir:%global _export_dir /bind9-export/}
@ -136,12 +137,14 @@ Obsoletes: caching-nameserver < 31:9.4.1-7.fc8
Provides: caching-nameserver = 31:9.4.1-7.fc8
Obsoletes: dnssec-conf < 1.27-2
Provides: dnssec-conf = 1.27-2
Requires(post): policycoreutils-python
Requires(post): libselinux-utils
Requires(post): selinux-policy
BuildRequires: gcc, make
# FIXME: Enter correct version of policy changing the directory
Conflicts: selinux-policy < 3.13.1-283.34
BuildRequires: openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
BuildRequires: libidn2-devel, libxml2-devel, GeoIP-devel
BuildRequires: systemd
BuildRequires: selinux-policy
# needed for %%{__python3} macro
BuildRequires: python3-devel
BuildRequires: python3-ply
@ -934,6 +937,7 @@ fi;
%post
%?ldconfig
%selinux_set_booleans %{selinuxbooleans}
if [ "$1" -eq 1 ]; then
# Initial installation
[ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.* /etc/named.* >/dev/null 2>&1 ;
@ -955,6 +959,7 @@ fi
%postun
%?ldconfig
%selinux_unset_booleans %{selinuxbooleans}
# Package upgrade, not uninstall
%systemd_postun_with_restart named.service