171 lines
5.1 KiB
Diff
171 lines
5.1 KiB
Diff
From e6f93dfb9f0580bf0f15501e424c99cf3355c4f5 Mon Sep 17 00:00:00 2001
|
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
Date: Wed, 20 Aug 2025 10:36:48 +0100
|
|
Subject: [PATCH] Update common submodule
|
|
|
|
Pulls in the commits listed below. This has no effect as all changes
|
|
are confined to the common/mlcustomize subdirectory which we do not
|
|
use or ship.
|
|
|
|
Richard W.M. Jones (4):
|
|
mlcustomize/SELinux_relabel.ml: Add comment
|
|
mlcustomize/SELinux_relabel.ml: Use new guestfs_setfiles API
|
|
mlcustomize/SELinux_relabel.ml: Relabel every mountpoint
|
|
mlcustomize/firstboot.ml: Use quoted string literals for firstboot
|
|
|
|
Vadim Rozenfeld (1):
|
|
Modify the firstboot script to check the scripts execution return status
|
|
---
|
|
common | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
Submodule common 0e9caa175..7ecf3992b:
|
|
diff --git a/common/mlcustomize/SELinux_relabel.ml b/common/mlcustomize/SELinux_relabel.ml
|
|
index 2f3a09b..f1729e3 100644
|
|
--- a/common/mlcustomize/SELinux_relabel.ml
|
|
+++ b/common/mlcustomize/SELinux_relabel.ml
|
|
@@ -1,5 +1,5 @@
|
|
(* virt-customize
|
|
- * Copyright (C) 2016 Red Hat Inc.
|
|
+ * Copyright (C) 2016-2025 Red Hat Inc.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
@@ -24,6 +24,10 @@ open Printf
|
|
|
|
module G = Guestfs
|
|
|
|
+(* XXX A lot of this code could usefully be moved into
|
|
+ * [libguestfs.git/daemon/selinux.ml].
|
|
+ *)
|
|
+
|
|
let rec relabel (g : G.guestfs) =
|
|
(* Is the guest using SELinux? (Otherwise this is a no-op). *)
|
|
if is_selinux_guest g then (
|
|
@@ -109,5 +113,13 @@ and use_setfiles g =
|
|
g#copy_attributes ~all:true old_specfile specfile
|
|
);
|
|
|
|
+ (* Get the list of mountpoints, since setfiles does not cross
|
|
+ * filesystems (RHEL-108174).
|
|
+ *)
|
|
+ let mps = g#mountpoints () |>
|
|
+ List.map snd |> (* the list of directories *)
|
|
+ List.sort compare |> (* sort them for consistency *)
|
|
+ Array.of_list in
|
|
+
|
|
(* Relabel everything. *)
|
|
- g#selinux_relabel ~force:true specfile "/"
|
|
+ g#setfiles ~force:true specfile mps
|
|
diff --git a/common/mlcustomize/firstboot.ml b/common/mlcustomize/firstboot.ml
|
|
index 6aca4c3..360c33d 100644
|
|
--- a/common/mlcustomize/firstboot.ml
|
|
+++ b/common/mlcustomize/firstboot.ml
|
|
@@ -35,8 +35,7 @@ let sanitize_name =
|
|
module Linux = struct
|
|
let firstboot_dir = "/usr/lib/virt-sysprep"
|
|
|
|
- let firstboot_sh = sprintf "\
|
|
-#!/bin/sh -
|
|
+ let firstboot_sh = sprintf {|#!/bin/sh -
|
|
|
|
### BEGIN INIT INFO
|
|
# Provides: virt-sysprep
|
|
@@ -57,14 +56,14 @@ d=%s/scripts
|
|
d_done=%s/scripts-done
|
|
logfile=~root/virt-sysprep-firstboot.log
|
|
|
|
-echo \"$0\" \"$@\" 2>&1 | tee -a $logfile
|
|
-echo \"Scripts dir: $d\" 2>&1 | tee -a $logfile
|
|
+echo "$0" "$@" 2>&1 | tee -a $logfile
|
|
+echo "Scripts dir: $d" 2>&1 | tee -a $logfile
|
|
|
|
-if test \"$1\" = \"start\"
|
|
+if test "$1" = "start"
|
|
then
|
|
mkdir -p $d_done
|
|
for f in $d/* ; do
|
|
- if test -x \"$f\"
|
|
+ if test -x "$f"
|
|
then
|
|
# move the script to the 'scripts-done' directory, so it is not
|
|
# executed again at the next boot
|
|
@@ -75,7 +74,7 @@ then
|
|
done
|
|
rm -f $d_done/*
|
|
fi
|
|
-" firstboot_dir firstboot_dir
|
|
+|} firstboot_dir firstboot_dir
|
|
|
|
let systemd_target = "multi-user.target"
|
|
|
|
@@ -282,36 +281,41 @@ module Windows = struct
|
|
* XXX It would be better to use powershell here. For some ideas see
|
|
* https://github.com/HCK-CI/HLK-Setup-Scripts/
|
|
*)
|
|
- let firstboot_script = sprintf "\
|
|
-@echo off
|
|
+ let firstboot_script = sprintf {|@echo off
|
|
|
|
setlocal EnableDelayedExpansion
|
|
set firstboot=%s
|
|
-set log=%%firstboot%%\\log.txt
|
|
+set log=%%firstboot%%\log.txt
|
|
|
|
-set scripts=%%firstboot%%\\scripts
|
|
-set scripts_done=%%firstboot%%\\scripts-done
|
|
+set scripts=%%firstboot%%\scripts
|
|
+set scripts_done=%%firstboot%%\scripts-done
|
|
|
|
-call :main >> \"%%log%%\" 2>&1
|
|
+call :main >> "%%log%%" 2>&1
|
|
exit /b
|
|
|
|
:main
|
|
echo starting firstboot service
|
|
|
|
-if not exist \"%%scripts_done%%\" (
|
|
- mkdir \"%%scripts_done%%\"
|
|
+if not exist "%%scripts_done%%" (
|
|
+ mkdir "%%scripts_done%%"
|
|
)
|
|
|
|
:: Pick the next script to run.
|
|
-for %%%%f in (\"%%scripts%%\"\\*.bat) do (
|
|
- echo running \"%%%%f\"
|
|
- move \"%%%%f\" \"%%scripts_done%%\"
|
|
- pushd \"%%scripts_done%%\"
|
|
- call \"%%%%~nf\"
|
|
+for %%%%f in ("%%scripts%%"\*.bat) do (
|
|
+ echo running "%%%%f"
|
|
+ pushd "%%scripts%%"
|
|
+ call "%%%%~nf"
|
|
set elvl=!errorlevel!
|
|
echo .... exit code !elvl!
|
|
popd
|
|
|
|
+ if !elvl! NEQ 249 (
|
|
+ echo Script succeeded, moving to scripts-done
|
|
+ move "%%%%f" "%%scripts_done%%"
|
|
+ ) else (
|
|
+ echo Script failed, will retry on next boot
|
|
+ )
|
|
+
|
|
:: Reboot the computer. This is necessary to free any locked
|
|
:: files which may prevent later scripts from running.
|
|
shutdown /r /t 0 /y
|
|
@@ -323,8 +327,8 @@ for %%%%f in (\"%%scripts%%\"\\*.bat) do (
|
|
|
|
:: Fallthrough here if there are no scripts.
|
|
echo uninstalling firstboot service
|
|
-\"%%firstboot%%\\%s\" -s firstboot uninstall
|
|
-" firstboot_dir_win srvany in
|
|
+"%%firstboot%%\%s" -s firstboot uninstall
|
|
+|} firstboot_dir_win srvany in
|
|
|
|
g#write (firstboot_dir // "firstboot.bat")
|
|
(String.unix2dos firstboot_script);
|
|
--
|
|
2.47.1
|
|
|