- Don't exclude /dev from the setfiles in novirt_install (awilliam@redhat.com)

Resolves: rhbz#1663040
- dracut-fips is no longer a subpackage, it is included in dracut. (bcl@redhat.com)
This commit is contained in:
Brian C. Lane 2019-01-18 09:19:43 -08:00
parent d039d7ce8e
commit fdd5208425
2 changed files with 7 additions and 48 deletions

View File

@ -1,38 +0,0 @@
From 024293968f5ae3e2d2ea6164b7a693c059dc86c3 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Tue, 15 Jan 2019 10:34:54 -0800
Subject: [PATCH] Don't exclude /dev from the `setfiles` in `novirt_install`
After a novirt disk image install, we run `setfiles` in the
install root to ensure some SELinux contexts are correct. /dev
is currently excluded from this run. However, as reported and
discussed in https://bugzilla.redhat.com/show_bug.cgi?id=1663040
it seems that with a recent systemd change, startup of many
services will fail if /dev itself is incorrectly labelled, and
in current Rawhide live images, it *is* incorrectly labelled.
Including `/dev` in this setfiles command appears to resolve the
problem in my testing.
Resolves: rhbz#1663040
Signed-off-by: Adam Williamson <awilliam@redhat.com>
---
src/pylorax/installer.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pylorax/installer.py b/src/pylorax/installer.py
index 758c3cf5..6d101609 100644
--- a/src/pylorax/installer.py
+++ b/src/pylorax/installer.py
@@ -389,7 +389,7 @@ def novirt_install(opts, disk_img, disk_size, cancel_func=None):
log.info(line)
# Make sure the new filesystem is correctly labeled
- setfiles_args = ["-e", "/proc", "-e", "/sys", "-e", "/dev",
+ setfiles_args = ["-e", "/proc", "-e", "/sys",
"/etc/selinux/targeted/contexts/files/file_contexts", "/"]
if "--dirinstall" in args:
--
2.20.1

View File

@ -3,8 +3,8 @@
%define debug_package %{nil}
Name: lorax
Version: 30.10
Release: 2%{?dist}
Version: 30.12
Release: 1%{?dist}
Summary: Tool for creating the anaconda install images
Group: Applications/System
@ -16,11 +16,6 @@ URL: https://github.com/weldr/lorax
# tito build --tgz
Source0: %{name}-%{version}.tar.gz
# Ensure /dev is correctly labelled in live images:
# https://github.com/weldr/lorax/pull/568
# https://bugzilla.redhat.com/show_bug.cgi?id=1663040
Patch0: 0001-Don-t-exclude-dev-from-the-setfiles-in-novirt_instal.patch
BuildRequires: python3-devel
Requires: lorax-templates
@ -163,7 +158,6 @@ build images, etc. from the command line.
%prep
%setup -q -n %{name}-%{version}
%patch0 -p1
%build
@ -238,8 +232,11 @@ getent passwd weldr >/dev/null 2>&1 || useradd -r -g weldr -d / -s /sbin/nologin
%{_sysconfdir}/bash_completion.d/composer-cli
%changelog
* Tue Jan 15 2019 Adam Williamson <awilliam@redhat.com> - 30.10-2
- Backport PR #568 to fix Rawhide lives (rhbz#1663040)
* Fri Jan 18 2019 Brian C. Lane <bcl@redhat.com> 30.12-1
- Don't exclude /dev from the `setfiles` in `novirt_install` (awilliam@redhat.com)
* Fri Jan 18 2019 Brian C. Lane <bcl@redhat.com> 30.11-1
- dracut-fips is no longer a subpackage, it is included in dracut. (bcl@redhat.com)
* Tue Jan 08 2019 Brian C. Lane <bcl@redhat.com> 30.10-1
- Remove unneeded else from for/else loop. It confuses pylint (bcl@redhat.com)