RHEL 8: If setfiles fails fall back to autorelabel

Reviewed-by: Laszlo Ersek <lersek@redhat.com> resolves: rhbz#2184183
2023-04-03 09:48:35 +01:00 · 2023-04-03 09:48:35 +01:00 · cb49722608
commit cb49722608
parent 2f9214744a
2 changed files with 35 additions and 0 deletions
--- a/0053-RHEL-8-If-setfiles-fails-fall-back-to-autorelabel.patch
+++ b/0053-RHEL-8-If-setfiles-fails-fall-back-to-autorelabel.patch
@ -0,0 +1,32 @@
+From 217a74ad09bad781ee9efd5599f4323bdf9e3cff Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Mon, 3 Apr 2023 09:41:37 +0100
+Subject: [PATCH] RHEL 8: If setfiles fails fall back to autorelabel
+
+SFDC case 03473932, RHEL 8 only.
+
+See discussion in private email thread "Customer case requiring our
+assistance" in 2023.
+---
+ common | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Submodule common 1174b443..c4841a70:
+diff --git a/common/mlcustomize/SELinux_relabel.ml b/common/mlcustomize/SELinux_relabel.ml
+index 5ecf7bd7..f0630db1 100644
+--- a/common/mlcustomize/SELinux_relabel.ml
+++ b/common/mlcustomize/SELinux_relabel.ml
+@@ -35,11 +35,12 @@ let rec relabel (g : G.guestfs) =
+       use_setfiles g;
+       (* That worked, so we don't need to autorelabel. *)
+       g#rm_f "/.autorelabel"
+-    with Failure _ ->
+    with Failure _
+       (* This is the fallback in case something in the setfiles
+        * method didn't work.  That includes the case where a non-SELinux
+        * host is processing an SELinux guest, and other things.
+        *)
+    | Guestfs.Error _ -> (* this is for SFDC case 03473932 in RHEL 8 only *)
+       g#touch "/.autorelabel"
+   )
+ 
--- a/virt-v2v.spec
+++ b/virt-v2v.spec
@ -88,6 +88,7 @@ Patch0049:     0049-tests-Add-test-of-i-ova-from-a-directory.patch
 Patch0050:     0050-v2v-i-ova-Fix-parsing-if-OVA-directory-name-has-a-tr.patch
 Patch0051:     0051-convert-If-listing-RPM-applications-fails-rebuild-DB.patch
 Patch0052:     0052-update-common-submodule-for-CVE-2022-2211-fix.patch
+Patch0053:     0053-RHEL-8-If-setfiles-fails-fall-back-to-autorelabel.patch

 # Use git for patch management.
 BuildRequires: git
@ -325,6 +326,8 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/virt-v2v-test-harness.1*

 %changelog
 * Mon Apr 03 2023 Richard W.M. Jones <rjones@redhat.com> - 1:1.42.0-22
+- RHEL 8: If setfiles fails fall back to autorelabel
+  resolves: rhbz#XXX
 - Reapply patches since we are using git format-patch --submodule=diff

 * Tue Jul 05 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.42.0-21