User-mode networking daemons for virtual machines and namespaces
7375212a6a
pasta and pasta.avx2 are now hard links, and their file context didn't change from previous versions, but the SELinux plug-in of rpm(8) might mix up their contexts depending on the order of entries in the archive. This doesn't happen on Fedora by luck, but on RHEL: D: create 100755 1 ( 0, 0)184640 /usr/bin/passt.avx2;64e4a813 ufdio: 6 writes, 184640 total bytes in 0.000104 secs D: Plugin: calling hook fsm_file_prepare in selinux plugin D: lsetfilecon: (/usr/bin/passt.avx2;64e4a813, system_u:object_r:passt_exec_t:s0) D: create 100755 1 ( 0, 0)184640 /usr/bin/pasta.avx2;64e4a813 ufdio: 6 writes, 184640 total bytes in 0.000065 secs D: Plugin: calling hook fsm_file_prepare in selinux plugin D: lsetfilecon: (/usr/bin/pasta.avx2;64e4a813, system_u:object_r:pasta_exec_t:s0) so far so good. Then: D: create 100755 2 ( 0, 0) 0 /usr/bin/passt;64e4a813 D: create 100755 2 ( 0, 0)164128 /usr/bin/pasta;64e4a813 ufdio: 6 writes, 164128 total bytes in 0.000058 secs D: Plugin: calling hook fsm_file_prepare in selinux plugin D: lsetfilecon: (/usr/bin/pasta;64e4a813, system_u:object_r:pasta_exec_t:s0) which leads to: [sbrivio@passt ~]$ ls -lZ /usr/bin/passt -rwxr-xr-x. 2 root root system_u:object_r:pasta_exec_t:s0 164128 Aug 21 17:53 /usr/bin/passt [sbrivio@passt ~]$ ls -lZ /usr/bin/passt.avx2 -rwxr-xr-x. 1 root root system_u:object_r:passt_exec_t:s0 184640 Aug 21 17:53 /usr/bin/passt.avx2 [sbrivio@passt ~]$ ls -lZ /usr/bin/pasta -rwxr-xr-x. 2 root root system_u:object_r:pasta_exec_t:s0 164128 Aug 21 17:53 /usr/bin/pasta [sbrivio@passt ~]$ ls -lZ /usr/bin/pasta.avx2 -rwxr-xr-x. 1 root root system_u:object_r:pasta_exec_t:s0 184640 Aug 21 17:53 /usr/bin/pasta.avx2 Add (back) an explicit restorecon call in the scriptlet. Resolves: RHELPLAN-155811 |
||
|---|---|---|
| .gitignore | ||
| 0001-selinux-Drop-user_namespace-create-allow-rules.patch | ||
| gating.yaml | ||
| passt.spec | ||
| sources | ||