From 53fd0a7aa2f258fac423be0da06b15326b106527 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 11 Jul 2024 22:06:10 +0200 Subject: [PATCH] Install dnf protected files only when policy is built If an user builds package with `%bcond mls 0` it ended with RPM build errors: error: Installed (but unpackaged) file(s) found: /etc/dnf/protected.d/selinux-policy-mls.conf Installed (but unpackaged) file(s) found: /etc/dnf/protected.d/selinux-policy-mls.conf With this change, dnf procted files for a policy is installed only when the policy is built. [skip changelog] Related: RHEL-54303 --- selinux-policy.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 269498ca..5c7a79df 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -436,8 +436,6 @@ mkdir -p %{buildroot}%{_sharedstatedir}/selinux/{targeted,mls,minimum,modules}/ mkdir -p %{buildroot}%{_datadir}/selinux/packages mkdir -p %{buildroot}%{_sysconfdir}/dnf/protected.d/ -install -m 644 %{SOURCE38} %{buildroot}%{_sysconfdir}/dnf/protected.d/ -install -m 644 %{SOURCE39} %{buildroot}%{_sysconfdir}/dnf/protected.d/ # Install devel make clean @@ -454,6 +452,7 @@ rm -rf %{buildroot}%{_sharedstatedir}/selinux/targeted/active/modules/100/sandbo mv sandbox.pp %{buildroot}%{_datadir}/selinux/packages/sandbox.pp %modulesList targeted %nonBaseModulesList targeted +install -m 644 %{SOURCE38} %{buildroot}%{_sysconfdir}/dnf/protected.d/ %endif %if %{with minimum} @@ -474,6 +473,7 @@ install -m 644 %{SOURCE16} %{buildroot}%{_datadir}/selinux/minimum/modules-enabl %installCmds mls mls deny %modulesList mls %nonBaseModulesList mls +install -m 644 %{SOURCE39} %{buildroot}%{_sysconfdir}/dnf/protected.d/ %endif # remove leftovers when save-previous=true (semanage.conf) is used