SELinux policy core utilities
3bbe617cee
For the new grub auto-hide feature: https://fedoraproject.org/wiki/Changes/HiddenGrubMenu Grub needs to know if the previous boot succeeded. This is tracked through flags in the grub environment. A selinux autorelabel is special, because it reboots the machine without completing the boot in the normal manner. grub checks the (new) boot_indeterminate grub environment variable to deal with this. This is a variable containing a count of special boots since the last successful normal boot. If this variable is 1 then it also treats the previous boot as successful. The idea is that an autorelabel (or offline updates) increments boot_indeterminate, so normally after a reboot it will be 1 and the grub menu stays hidden. But if we end up in a selinux autorelabel loop for some reason, then it will be bigger then 1 (*) and the grub menu will be shown allowing the user to try and fix things. *) grub itself will also increment it if it is 1 so that even if it gets incremented only once, that still only makes 1 boot count as successful. This commit makes the selinux-autorelabel script call: grub2-editenv - incr boot_indeterminate for proper integration with this new grub feature. Signed-off-by: Hans de Goede <hdegoede@redhat.com> |
||
---|---|---|
tests | ||
.gitignore | ||
make-rhat-patches.sh | ||
policycoreutils-fedora.patch | ||
policycoreutils.spec | ||
README.translations | ||
restorecond-fedora.patch | ||
selinux-autorelabel | ||
selinux-autorelabel-generator.sh | ||
selinux-autorelabel-mark.service | ||
selinux-autorelabel.service | ||
selinux-autorelabel.target | ||
selinux-dbus-fedora.patch | ||
selinux-gui-fedora.patch | ||
selinux-python-fedora.patch | ||
selinux-sandbox-fedora.patch | ||
semodule-utils-fedora.patch | ||
sepolicy-help.tgz | ||
sepolicy-icons.tgz | ||
sources | ||
system-config-selinux.png |
policycoreutils translations currently live in the following locations: - https://fedora.zanata.org/project/view/selinux - contains translations for both stable (Red Hat Enterprise Linux) and master (Fedora) branches - maintains large number of languages (several of which do not actually contain any translated strings) - updated by community and partially by RH localization effort - selinux source repository (https://github.com/fedora-selinux/selinux) - is kept up-to-date with fedora.zanata How to update source files on fedora.zanata: $ git clone git@github.com:fedora-selinux/selinux.git $ cd selinux/policycoreutils/po # generate new potfile $ make policycoreutils.pot # Push potfiles to zanata $ zanata-cli push --push-type source How to pull new translations from zanata $ git clone git@github.com:fedora-selinux/selinux.git $ cd policycoreutils/po # Make sure "zanata.xml" file pointing to corresponding translations branch is present # Optionally update source files on zanata # Pull new translations from zanata $ zanata-cli -e pull --pull-type trans