Fix output of fixfiles onboot

See https://lore.kernel.org/selinux/CAFqZXNtBmoVppmhgrxfzuZrQ+oksWeSHH_x7ZgG4Wa6VO05Dsw@mail.gmail.com/

Resolves: rhbz#2050554
This commit is contained in:
Petr Lautrbach 2022-02-19 11:58:22 +01:00
parent a69a3b9636
commit c725778934
4 changed files with 19 additions and 17 deletions

View File

@ -1,4 +1,4 @@
From f77f2b70930c628b362320cbfe07833032ae9b0f Mon Sep 17 00:00:00 2001 From 7809f29b68e17a455478990ae9b22728381a126b Mon Sep 17 00:00:00 2001
From: Ondrej Mosnacek <omosnace@redhat.com> From: Ondrej Mosnacek <omosnace@redhat.com>
Date: Thu, 3 Feb 2022 17:53:23 +0100 Date: Thu, 3 Feb 2022 17:53:23 +0100
Subject: [PATCH] semodule,libsemanage: move module hashing into libsemanage Subject: [PATCH] semodule,libsemanage: move module hashing into libsemanage

View File

@ -1,4 +1,4 @@
From 40065360b7d1473f47a4f7d22f4f350a9e1a2d85 Mon Sep 17 00:00:00 2001 From 9341da3478625bb2ba2e7d4f3e227735cc9c8198 Mon Sep 17 00:00:00 2001
From: Ondrej Mosnacek <omosnace@redhat.com> From: Ondrej Mosnacek <omosnace@redhat.com>
Date: Thu, 3 Feb 2022 17:53:27 +0100 Date: Thu, 3 Feb 2022 17:53:27 +0100
Subject: [PATCH] semodule: add command-line option to detect module changes Subject: [PATCH] semodule: add command-line option to detect module changes

View File

@ -1,7 +1,7 @@
From 6e6df5717ca72aba7a0d7ba5eaebcf429d2f4cb4 Mon Sep 17 00:00:00 2001 From 09f700e9f953769d1697c46179faba32e4b80c0f Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com> From: Petr Lautrbach <plautrba@redhat.com>
Date: Mon, 14 Feb 2022 14:03:37 +0100 Date: Fri, 4 Feb 2022 13:41:12 +0100
Subject: [PATCH] fixfiles: Use parallel relabeling Subject: [PATCH] policycoreutils/fixfiles: Use parallel relabeling
Commit 93902fc8340f ("setfiles/restorecon: support parallel relabeling") Commit 93902fc8340f ("setfiles/restorecon: support parallel relabeling")
implemented support for parallel relabeling in setfiles. This is implemented support for parallel relabeling in setfiles. This is
@ -9,12 +9,12 @@ available for fixfiles now.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
--- ---
policycoreutils/scripts/fixfiles | 33 +++++++++++++++++------------- policycoreutils/scripts/fixfiles | 35 +++++++++++++++++-------------
policycoreutils/scripts/fixfiles.8 | 17 +++++++++------ policycoreutils/scripts/fixfiles.8 | 17 ++++++++++-----
2 files changed, 30 insertions(+), 20 deletions(-) 2 files changed, 31 insertions(+), 21 deletions(-)
diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
index cb20002ab613..72e027ed98c8 100755 index cb20002ab613..a4a419ab62de 100755
--- a/policycoreutils/scripts/fixfiles --- a/policycoreutils/scripts/fixfiles
+++ b/policycoreutils/scripts/fixfiles +++ b/policycoreutils/scripts/fixfiles
@@ -110,6 +110,7 @@ BOOTTIME="" @@ -110,6 +110,7 @@ BOOTTIME=""
@ -75,12 +75,14 @@ index cb20002ab613..72e027ed98c8 100755
umount "${TMP_MOUNT}${m}" || exit 1 umount "${TMP_MOUNT}${m}" || exit 1
rm -rf "${TMP_MOUNT}" || echo "Error cleaning up." rm -rf "${TMP_MOUNT}" || echo "Error cleaning up."
done; done;
@@ -331,7 +332,8 @@ case "$1" in @@ -330,8 +331,9 @@ case "$1" in
fi
> /.autorelabel || exit $? > /.autorelabel || exit $?
[ -z "$FORCEFLAG" ] || echo -n "$FORCEFLAG " >> /.autorelabel [ -z "$FORCEFLAG" ] || echo -n "$FORCEFLAG " >> /.autorelabel
[ -z "$BOOTTIME" ] || echo -N $BOOTTIME >> /.autorelabel - [ -z "$BOOTTIME" ] || echo -N $BOOTTIME >> /.autorelabel
- [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo "-M" >> /.autorelabel - [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo "-M" >> /.autorelabel
+ [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo "-M " >> /.autorelabel + [ -z "$BOOTTIME" ] || echo -n "-N $BOOTTIME " >> /.autorelabel
+ [ -z "$BIND_MOUNT_FILESYSTEMS" ] || echo -n "-M " >> /.autorelabel
+ [ -z "$THREADS" ] || echo -n "$THREADS " >> /.autorelabel + [ -z "$THREADS" ] || echo -n "$THREADS " >> /.autorelabel
# Force full relabel if SELinux is not enabled # Force full relabel if SELinux is not enabled
selinuxenabled || echo -F > /.autorelabel selinuxenabled || echo -F > /.autorelabel

View File

@ -11,7 +11,7 @@
Summary: SELinux policy core utilities Summary: SELinux policy core utilities
Name: policycoreutils Name: policycoreutils
Version: 3.3 Version: 3.3
Release: 4.1%{?dist} Release: 4.2%{?dist}
License: GPLv2 License: GPLv2
# https://github.com/SELinuxProject/selinux/wiki/Releases # https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.3/selinux-3.3.tar.gz Source0: https://github.com/SELinuxProject/selinux/releases/download/3.3/selinux-3.3.tar.gz
@ -53,9 +53,9 @@ Patch0019: 0019-setfiles-restorecon-support-parallel-relabeling.patch
Patch0020: 0020-semodule-add-m-checksum-option.patch Patch0020: 0020-semodule-add-m-checksum-option.patch
Patch0021: 0021-semodule-Fix-lang_ext-column-index.patch Patch0021: 0021-semodule-Fix-lang_ext-column-index.patch
Patch0022: 0022-semodule-Don-t-forget-to-munmap-data.patch Patch0022: 0022-semodule-Don-t-forget-to-munmap-data.patch
Patch0023: 0023-fixfiles-Use-parallel-relabeling.patch Patch0023: 0023-semodule-libsemanage-move-module-hashing-into-libsem.patch
Patch0024: 0024-semodule-libsemanage-move-module-hashing-into-libsem.patch Patch0024: 0024-semodule-add-command-line-option-to-detect-module-ch.patch
Patch0025: 0025-semodule-add-command-line-option-to-detect-module-ch.patch Patch0025: 0025-policycoreutils-fixfiles-Use-parallel-relabeling.patch
# Patch list end # Patch list end
Obsoletes: policycoreutils < 2.0.61-2 Obsoletes: policycoreutils < 2.0.61-2
@ -482,7 +482,7 @@ The policycoreutils-restorecond package contains the restorecond service.
%systemd_postun_with_restart restorecond.service %systemd_postun_with_restart restorecond.service
%changelog %changelog
* Tue Feb 15 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3-4.1 * Tue Feb 15 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3-4.2
- semodule: add command-line option to detect module changes - semodule: add command-line option to detect module changes
* Mon Feb 14 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3-3 * Mon Feb 14 2022 Petr Lautrbach <plautrba@redhat.com> - 3.3-3