From d039d7ce8ed30e159bd66f3e7dec4bdcf3dcf6ce Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Tue, 15 Jan 2019 22:45:22 -0800
Subject: [PATCH] Backport PR #568 to fix Rawhide lives (rhbz#1663040)

---
 ...v-from-the-setfiles-in-novirt_instal.patch | 38 +++++++++++++++++++
 lorax.spec                                    | 11 +++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch

diff --git a/0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch b/0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch
new file mode 100644
index 0000000..dfef1d8
--- /dev/null
+++ b/0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch
@@ -0,0 +1,38 @@
+From 024293968f5ae3e2d2ea6164b7a693c059dc86c3 Mon Sep 17 00:00:00 2001
+From: Adam Williamson <awilliam@redhat.com>
+Date: Tue, 15 Jan 2019 10:34:54 -0800
+Subject: [PATCH] Don't exclude /dev from the `setfiles` in `novirt_install`
+
+After a novirt disk image install, we run `setfiles` in the
+install root to ensure some SELinux contexts are correct. /dev
+is currently excluded from this run. However, as reported and
+discussed in https://bugzilla.redhat.com/show_bug.cgi?id=1663040
+it seems that with a recent systemd change, startup of many
+services will fail if /dev itself is incorrectly labelled, and
+in current Rawhide live images, it *is* incorrectly labelled.
+Including `/dev` in this setfiles command appears to resolve the
+problem in my testing.
+
+Resolves: rhbz#1663040
+
+Signed-off-by: Adam Williamson <awilliam@redhat.com>
+---
+ src/pylorax/installer.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pylorax/installer.py b/src/pylorax/installer.py
+index 758c3cf5..6d101609 100644
+--- a/src/pylorax/installer.py
++++ b/src/pylorax/installer.py
+@@ -389,7 +389,7 @@ def novirt_install(opts, disk_img, disk_size, cancel_func=None):
+             log.info(line)
+ 
+         # Make sure the new filesystem is correctly labeled
+-        setfiles_args = ["-e", "/proc", "-e", "/sys", "-e", "/dev",
++        setfiles_args = ["-e", "/proc", "-e", "/sys",
+                          "/etc/selinux/targeted/contexts/files/file_contexts", "/"]
+ 
+         if "--dirinstall" in args:
+-- 
+2.20.1
+
diff --git a/lorax.spec b/lorax.spec
index 2efd018..f37813f 100644
--- a/lorax.spec
+++ b/lorax.spec
@@ -4,7 +4,7 @@
 
 Name:           lorax
 Version:        30.10
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Tool for creating the anaconda install images
 
 Group:          Applications/System
@@ -16,6 +16,11 @@ URL:            https://github.com/weldr/lorax
 # tito build --tgz
 Source0:        %{name}-%{version}.tar.gz
 
+# Ensure /dev is correctly labelled in live images:
+# https://github.com/weldr/lorax/pull/568
+# https://bugzilla.redhat.com/show_bug.cgi?id=1663040
+Patch0:         0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch
+
 BuildRequires:  python3-devel
 
 Requires:       lorax-templates
@@ -158,6 +163,7 @@ build images, etc. from the command line.
 
 %prep
 %setup -q -n %{name}-%{version}
+%patch0 -p1
 
 %build
 
@@ -232,6 +238,9 @@ getent passwd weldr >/dev/null 2>&1 || useradd -r -g weldr -d / -s /sbin/nologin
 %{_sysconfdir}/bash_completion.d/composer-cli
 
 %changelog
+* Tue Jan 15 2019 Adam Williamson <awilliam@redhat.com> - 30.10-2
+- Backport PR #568 to fix Rawhide lives (rhbz#1663040)
+
 * Tue Jan 08 2019 Brian C. Lane <bcl@redhat.com> 30.10-1
 - Remove unneeded else from for/else loop. It confuses pylint (bcl@redhat.com)
 - Turn off pylint warning about docstring with backslash (bcl@redhat.com)