Do not rm selinux rpm owned directory
Resolves: #2053413 Signed-off-by: Yannick Cote <ycote@redhat.com>
This commit is contained in:
Yannick Cote
parent
de63dedaa1
commit
1fb0ceef29
28
0003-do-not-rm-selinux-rpm-owned-directory.patch
Normal file
28
0003-do-not-rm-selinux-rpm-owned-directory.patch
Normal file
@ -0,0 +1,28 @@
|
||||
kpatch: do not rm selinux rpm owned directory
|
||||
|
||||
As part of the kpatch rpm package installation, the /var/lib/kpatch directory
|
||||
gets created and is set to be selinux owned by the kpatch rpm package.
|
||||
|
||||
There is a problem where uninstalling the last kpatch-patch will also remove
|
||||
this directory. When another kpatch-patch installation occurs, the
|
||||
/var/lib/kpatch get recreated but withtout the selinux context which triggers a
|
||||
policy error.
|
||||
|
||||
Since /var/lib/kpatch is now created by the rpm spec file, do not remove it
|
||||
from the uinstall target of the kpatch script. This insures selinux context
|
||||
consistency.
|
||||
|
||||
RHEL-only.
|
||||
|
||||
Signed-off-by: Yannick Cote <ycote@redhat.com>
|
||||
diff -Nupr kpatch-0.9.4.old/kpatch/kpatch kpatch-0.9.4/kpatch/kpatch
|
||||
--- kpatch-0.9.4.old/kpatch/kpatch 2021-08-26 15:31:07.000000000 -0400
|
||||
+++ kpatch-0.9.4/kpatch/kpatch 2022-06-10 12:19:55.791538218 -0400
|
||||
@@ -584,7 +584,6 @@ case "$1" in
|
||||
echo "uninstalling $PATCH ($KVER)"
|
||||
rm -f "$MODULE" || die "failed to uninstall module $PATCH"
|
||||
rmdir --ignore-fail-on-non-empty "$INSTALLDIR/$KVER" || die "failed to remove directory $INSTALLDIR/$KVER"
|
||||
- rmdir --ignore-fail-on-non-empty "$INSTALLDIR" || die "failed to remove directory $INSTALLDIR"
|
||||
|
||||
;;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: kpatch
|
||||
Version: 0.9.4
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: Dynamic kernel patch manager
|
||||
|
||||
Group: System Environment/Kernel
|
||||
@ -14,6 +14,7 @@ Source1: kpatch-dnf-v%{kpatch_dnf_ver}.tar.gz
|
||||
# RHEL-only
|
||||
Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch
|
||||
Patch1: 0002-kpatch-clarify-unload-unsupport.patch
|
||||
Patch2: 0003-do-not-rm-selinux-rpm-owned-directory.patch
|
||||
|
||||
# Upstream backports (inactive -- for future reference)
|
||||
#Patch100: 0100-xxx.patch
|
||||
@ -49,6 +50,7 @@ kpatch-patch packages updates.
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
# Use this to apply upstream patches to kpatch
|
||||
#%patch100 -p1
|
||||
|
||||
@ -90,6 +92,9 @@ echo "To enable automatic kpatch-patch subscription, run:"
|
||||
echo -e "\t$ dnf kpatch auto"
|
||||
|
||||
%changelog
|
||||
* Fri Jun 10 2022 Yannick Cote <ycote@redhat.com> 0.9.4-3
|
||||
- Do not rm selinux rpm owned directory (rhbz#2053413)
|
||||
|
||||
* Thu Jan 27 2022 Yannick Cote <ycote@redhat.com> 0.9.4-2
|
||||
- Add /usr/lib/kpatch to install and files list to appease SELinux (rhbz#2030004)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user