rpms/grub2
5
0
Fork 0
Code Issues Pull Requests Releases Activity

20-grub.install: fix SELinux security type context for BLS

Browse Source 
Resolves: #RHEL-4395
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
This commit is contained in:
Leo Sandoval 2024-08-14 11:00:59 -06:00
parent 6fdedb71d8
commit 3f9a8de27e
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
20-grub.install
View File

@ -90,13 +90,10 @@ case "$COMMAND" in
[[ -d "$BLS_DIR" ]] || mkdir -m 0700 -p "$BLS_DIR" [[ -d "$BLS_DIR" ]] || mkdir -m 0700 -p "$BLS_DIR"
BLS_ID="${MACHINE_ID}-${KERNEL_VERSION}" BLS_ID="${MACHINE_ID}-${KERNEL_VERSION}"
BLS_TARGET="${BLS_DIR}/${BLS_ID}.conf" BLS_TARGET="${BLS_DIR}/${BLS_ID}.conf"
if [[ -f "${KERNEL_DIR}/bls.conf" ]]; then
cp -aT "${KERNEL_DIR}/bls.conf" "${BLS_TARGET}" || exit $?
else
mkbls "${KERNEL_VERSION}" \ mkbls "${KERNEL_VERSION}" \
"$(date -u +%Y%m%d%H%M%S -d "$(stat -c '%y' "${KERNEL_DIR}")")" \ "$(date -u +%Y%m%d%H%M%S -d "$(stat -c '%y' "${KERNEL_DIR}")")" \
>"${BLS_TARGET}" >"${BLS_TARGET}"
fi command -v restorecon &>/dev/null && restorecon -R "${BLS_TARGET}"
LINUX="$(grep '^linux[ \t]' "${BLS_TARGET}" | sed -e 's,^linux[ \t]*,,')" LINUX="$(grep '^linux[ \t]' "${BLS_TARGET}" | sed -e 's,^linux[ \t]*,,')"
INITRD="$(grep '^initrd[ \t]' "${BLS_TARGET}" | sed -e 's,^initrd[ \t]*,,')" INITRD="$(grep '^initrd[ \t]' "${BLS_TARGET}" | sed -e 's,^initrd[ \t]*,,')"

6
grub2.spec
View File

@ -7,7 +7,7 @@
Name: grub2 Name: grub2
Epoch: 1 Epoch: 1
Version: 2.02 Version: 2.02
Release: 156%{?dist} Release: 157%{?dist}
Summary: Bootloader with support for Linux, Multiboot and more Summary: Bootloader with support for Linux, Multiboot and more
Group: System Environment/Base Group: System Environment/Base
License: GPLv3+ License: GPLv3+
@ -510,6 +510,10 @@ fi
%endif %endif
%changelog %changelog
* Wed Aug 14 2024 Leo Sandoval <lsandova@redhat.com> - 2.02-157
- 20-grub-install: fix SELinux security type context for BLS
- Resolves: #RHEL-4395
* Tue Feb 20 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.02-156 * Tue Feb 20 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.02-156
- fs/ntfs: OOB write fix - fs/ntfs: OOB write fix
- (CVE-2023-4692) - (CVE-2023-4692)