rpms/kpatch
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Do not rm selinux rpm owned directory

Browse Source 
Resolves: #2053413

Signed-off-by: Yannick Cote <ycote@redhat.com>
This commit is contained in:
Yannick Cote 2022-06-13 16:24:44 -04:00
parent de63dedaa1
commit 1fb0ceef29
No known key found for this signature in database
GPG Key ID: 8E09064555C8091B
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
0003-do-not-rm-selinux-rpm-owned-directory.patch Normal file
View File

@ -0,0 +1,28 @@
kpatch: do not rm selinux rpm owned directory
As part of the kpatch rpm package installation, the /var/lib/kpatch directory
gets created and is set to be selinux owned by the kpatch rpm package.
There is a problem where uninstalling the last kpatch-patch will also remove
this directory. When another kpatch-patch installation occurs, the
/var/lib/kpatch get recreated but withtout the selinux context which triggers a
policy error.
Since /var/lib/kpatch is now created by the rpm spec file, do not remove it
from the uinstall target of the kpatch script. This insures selinux context
consistency.
RHEL-only.
Signed-off-by: Yannick Cote <ycote@redhat.com>
diff -Nupr kpatch-0.9.4.old/kpatch/kpatch kpatch-0.9.4/kpatch/kpatch
--- kpatch-0.9.4.old/kpatch/kpatch 2021-08-26 15:31:07.000000000 -0400
+++ kpatch-0.9.4/kpatch/kpatch 2022-06-10 12:19:55.791538218 -0400
@@ -584,7 +584,6 @@ case "$1" in
echo "uninstalling $PATCH ($KVER)"
rm -f "$MODULE" || die "failed to uninstall module $PATCH"
rmdir --ignore-fail-on-non-empty "$INSTALLDIR/$KVER" || die "failed to remove directory $INSTALLDIR/$KVER"
- rmdir --ignore-fail-on-non-empty "$INSTALLDIR" || die "failed to remove directory $INSTALLDIR"
;;

7
kpatch.spec
View File

@ -2,7 +2,7 @@
Name: kpatch Name: kpatch
Version: 0.9.4 Version: 0.9.4
Release: 2%{?dist} Release: 3%{?dist}
Summary: Dynamic kernel patch manager Summary: Dynamic kernel patch manager
Group: System Environment/Kernel Group: System Environment/Kernel
@ -14,6 +14,7 @@ Source1: kpatch-dnf-v%{kpatch_dnf_ver}.tar.gz
# RHEL-only # RHEL-only
Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch
Patch1: 0002-kpatch-clarify-unload-unsupport.patch Patch1: 0002-kpatch-clarify-unload-unsupport.patch
Patch2: 0003-do-not-rm-selinux-rpm-owned-directory.patch
# Upstream backports (inactive -- for future reference) # Upstream backports (inactive -- for future reference)
#Patch100: 0100-xxx.patch #Patch100: 0100-xxx.patch
@ -49,6 +50,7 @@ kpatch-patch packages updates.
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
# Use this to apply upstream patches to kpatch # Use this to apply upstream patches to kpatch
#%patch100 -p1 #%patch100 -p1
@ -90,6 +92,9 @@ echo "To enable automatic kpatch-patch subscription, run:"
echo -e "\t$ dnf kpatch auto" echo -e "\t$ dnf kpatch auto"
%changelog %changelog
* Fri Jun 10 2022 Yannick Cote <ycote@redhat.com> 0.9.4-3
- Do not rm selinux rpm owned directory (rhbz#2053413)
* Thu Jan 27 2022 Yannick Cote <ycote@redhat.com> 0.9.4-2 * Thu Jan 27 2022 Yannick Cote <ycote@redhat.com> 0.9.4-2
- Add /usr/lib/kpatch to install and files list to appease SELinux (rhbz#2030004) - Add /usr/lib/kpatch to install and files list to appease SELinux (rhbz#2030004)