Install dnf protected files only when policy is built

If an user builds package with `%bcond mls 0` it ended with
    RPM build errors:
    error: Installed (but unpackaged) file(s) found:
       /etc/dnf/protected.d/selinux-policy-mls.conf
        Installed (but unpackaged) file(s) found:
       /etc/dnf/protected.d/selinux-policy-mls.conf

With this change, dnf procted files for a policy is installed only when
the policy is built.

[skip changelog]

Related: RHEL-54303
This commit is contained in:
Petr Lautrbach 2024-07-11 22:06:10 +02:00
parent 488e7b1b79
commit 53fd0a7aa2

View File

@ -436,8 +436,6 @@ mkdir -p %{buildroot}%{_sharedstatedir}/selinux/{targeted,mls,minimum,modules}/
mkdir -p %{buildroot}%{_datadir}/selinux/packages mkdir -p %{buildroot}%{_datadir}/selinux/packages
mkdir -p %{buildroot}%{_sysconfdir}/dnf/protected.d/ mkdir -p %{buildroot}%{_sysconfdir}/dnf/protected.d/
install -m 644 %{SOURCE38} %{buildroot}%{_sysconfdir}/dnf/protected.d/
install -m 644 %{SOURCE39} %{buildroot}%{_sysconfdir}/dnf/protected.d/
# Install devel # Install devel
make clean make clean
@ -454,6 +452,7 @@ rm -rf %{buildroot}%{_sharedstatedir}/selinux/targeted/active/modules/100/sandbo
mv sandbox.pp %{buildroot}%{_datadir}/selinux/packages/sandbox.pp mv sandbox.pp %{buildroot}%{_datadir}/selinux/packages/sandbox.pp
%modulesList targeted %modulesList targeted
%nonBaseModulesList targeted %nonBaseModulesList targeted
install -m 644 %{SOURCE38} %{buildroot}%{_sysconfdir}/dnf/protected.d/
%endif %endif
%if %{with minimum} %if %{with minimum}
@ -474,6 +473,7 @@ install -m 644 %{SOURCE16} %{buildroot}%{_datadir}/selinux/minimum/modules-enabl
%installCmds mls mls deny %installCmds mls mls deny
%modulesList mls %modulesList mls
%nonBaseModulesList mls %nonBaseModulesList mls
install -m 644 %{SOURCE39} %{buildroot}%{_sysconfdir}/dnf/protected.d/
%endif %endif
# remove leftovers when save-previous=true (semanage.conf) is used # remove leftovers when save-previous=true (semanage.conf) is used