SELinux policy modules for MySQL and MariaDB packages
299486dc8d
... well, at leats on the SPECfile side. They are still being ignored in the macros themselves
$ rpm -E %selinux_modules_install
|
| if [ -e /etc/selinux/config ]; then
| . /etc/selinux/config
| fi
| _policytype=
| if [ -z "${_policytype}" ]; then
| _policytype="targeted"
| fi
| if [ "${SELINUXTYPE}" = "${_policytype}" ]; then
| /usr/sbin/semodule -n -s ${_policytype} -X 200 -i || :
| /usr/sbin/selinuxenabled && /usr/sbin/load_policy || :
| fi
$ rpm -E %selinux_modules_uninstall
|
| if [ -e /etc/selinux/config ]; then
| . /etc/selinux/config
| fi
| _policytype=
| if [ -z "${_policytype}" ]; then
| _policytype="targeted"
| fi
| if [ $1 -eq 0 ]; then
| if [ "${SELINUXTYPE}" = "${_policytype}" ]; then
| /usr/sbin/semodule -n -X 200 -s ${_policytype} -r &> /dev/null || :
| /usr/sbin/selinuxenabled && /usr/sbin/load_policy || :
| fi
| fi
Defined here:
https://src.fedoraproject.org/rpms/selinux-policy/blob/rawhide/f/rpm.macros#_48
The reason is described here: https://bugzilla.redhat.com/show_bug.cgi?id=1665643
TL;DR: The return values of any scriptlet in Fedora MUST be zero.
No matter how the errors in the scriptlets are handled.
For now, the "handled" means "ignored" in the case of SELinux scriplet macros.
Related: RHEL-22815
|
||
|---|---|---|
| .fmf | ||
| .gitignore | ||
| ci.fmf | ||
| gating.yaml | ||
| mysql-selinux.spec | ||
| sources | ||