rpms/skopeo
7
0
Fork 0
Code Issues Pull Requests Releases Activity

skopeo.spec: drop [/var]/srv/containers from file list

Browse Source 
Stop creating `/srv/containers` directories. Files under `/srv` are
usually owned and created by the users themselves, so owning directories
under there seems odd.

In fact, grepping through all the Fedora spec files, no other package
creates or owns anything in `/srv` apart from this package.

The SELinux file context installed by [1] will still take care of proper
labeling for the directory. This is analogous to how e.g. `/srv/www` is
correctly labeled by the policy, and HTTP servers like `httpd` and
`nginx` don't explicitly create or own `/srv/www`.

This also works around rpm-ostree currently choking on `/srv/containers`
because it falls outside the list of permitted paths.

[1] https://github.com/containers/container-selinux/pull/72
This commit is contained in:
Jonathan Lebon 2020-03-17 16:47:00 -04:00
parent 7fed8da49e
commit 7118c8b6e7
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
skopeo.spec
View File

@ -46,7 +46,7 @@ Epoch: 1
Epoch: 2 Epoch: 2
%endif %endif
Version: 0.1.42 Version: 0.1.42
Release: 0.3.dev.git%{shortcommit0}%{?dist} Release: 0.4.dev.git%{shortcommit0}%{?dist}
Summary: Inspect container images and repositories on registries Summary: Inspect container images and repositories on registries
License: ASL 2.0 License: ASL 2.0
URL: %{git0} URL: %{git0}
@ -342,10 +342,6 @@ ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secret
install -d -p %{buildroot}/%{_datadir}/%{name}/test/system install -d -p %{buildroot}/%{_datadir}/%{name}/test/system
cp -pav systemtest/* %{buildroot}/%{_datadir}/%{name}/test/system/ cp -pav systemtest/* %{buildroot}/%{_datadir}/%{name}/test/system/
# shareable directory for containers
mkdir -p %{buildroot}/var/srv/containers
mkdir -p %{buildroot}/srv/containers
# source codes for building projects # source codes for building projects
%if 0%{?with_devel} %if 0%{?with_devel}
install -d -p %{buildroot}/%{gopath}/src/%{import_path}/ install -d -p %{buildroot}/%{gopath}/src/%{import_path}/
@ -403,8 +399,6 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
%endif %endif
%files -n containers-common %files -n containers-common
%dir /var/srv/containers
%dir /srv/containers
%dir %{_sysconfdir}/containers %dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d %dir %{_sysconfdir}/containers/certs.d
%dir %{_sysconfdir}/containers/registries.d %dir %{_sysconfdir}/containers/registries.d
@ -440,6 +434,9 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
%{_datadir}/%{name}/test %{_datadir}/%{name}/test
%changelog %changelog
* Tue Mar 17 2020 Jonathan Lebon <jonathan@jlebon.com> - 1:0.1.42-0.2.dev.git7a0a8c2
- Drop /srv/containers and /var/srv/container from file list
* Thu Mar 19 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 1:0.1.42-0.3.dev.git7170702 * Thu Mar 19 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 1:0.1.42-0.3.dev.git7170702
- autobuilt 7170702 - autobuilt 7170702