SELinux policy core utilities
3bbe617cee
For the new grub auto-hide feature: https://fedoraproject.org/wiki/Changes/HiddenGrubMenu Grub needs to know if the previous boot succeeded. This is tracked through flags in the grub environment. A selinux autorelabel is special, because it reboots the machine without completing the boot in the normal manner. grub checks the (new) boot_indeterminate grub environment variable to deal with this. This is a variable containing a count of special boots since the last successful normal boot. If this variable is 1 then it also treats the previous boot as successful. The idea is that an autorelabel (or offline updates) increments boot_indeterminate, so normally after a reboot it will be 1 and the grub menu stays hidden. But if we end up in a selinux autorelabel loop for some reason, then it will be bigger then 1 (*) and the grub menu will be shown allowing the user to try and fix things. *) grub itself will also increment it if it is 1 so that even if it gets incremented only once, that still only makes 1 boot count as successful. This commit makes the selinux-autorelabel script call: grub2-editenv - incr boot_indeterminate for proper integration with this new grub feature. Signed-off-by: Hans de Goede <hdegoede@redhat.com> |
||
|---|---|---|
| tests | ||
| .gitignore | ||
| make-rhat-patches.sh | ||
| policycoreutils-fedora.patch | ||
| policycoreutils.spec | ||
| README.translations | ||
| restorecond-fedora.patch | ||
| selinux-autorelabel | ||
| selinux-autorelabel-generator.sh | ||
| selinux-autorelabel-mark.service | ||
| selinux-autorelabel.service | ||
| selinux-autorelabel.target | ||
| selinux-dbus-fedora.patch | ||
| selinux-gui-fedora.patch | ||
| selinux-python-fedora.patch | ||
| selinux-sandbox-fedora.patch | ||
| semodule-utils-fedora.patch | ||
| sepolicy-help.tgz | ||
| sepolicy-icons.tgz | ||
| sources | ||
| system-config-selinux.png | ||
policycoreutils translations currently live in the following locations:
- https://fedora.zanata.org/project/view/selinux
- contains translations for both stable (Red Hat Enterprise Linux) and master (Fedora) branches
- maintains large number of languages (several of which do not actually contain any translated strings)
- updated by community and partially by RH localization effort
- selinux source repository (https://github.com/fedora-selinux/selinux)
- is kept up-to-date with fedora.zanata
How to update source files on fedora.zanata:
$ git clone git@github.com:fedora-selinux/selinux.git
$ cd selinux/policycoreutils/po
# generate new potfile
$ make policycoreutils.pot
# Push potfiles to zanata
$ zanata-cli push --push-type source
How to pull new translations from zanata
$ git clone git@github.com:fedora-selinux/selinux.git
$ cd policycoreutils/po
# Make sure "zanata.xml" file pointing to corresponding translations branch is present
# Optionally update source files on zanata
# Pull new translations from zanata
$ zanata-cli -e pull --pull-type trans