[arch-commits] Commit in osbuild/trunk (PKGBUILD no-selinux-distro-fix.patch)

Jelle van der Waa jelle at gemini.archlinux.org
Thu Mar 17 18:03:47 UTC 2022


    Date: Thursday, March 17, 2022 @ 18:03:47
  Author: jelle
Revision: 1156765

Fix FS#74147: add missing udev rule

Added:
  osbuild/trunk/no-selinux-distro-fix.patch
Modified:
  osbuild/trunk/PKGBUILD

-----------------------------+
 PKGBUILD                    |   19 ++++++++++++++-----
 no-selinux-distro-fix.patch |   42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+), 5 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2022-03-17 17:57:25 UTC (rev 1156764)
+++ PKGBUILD	2022-03-17 18:03:47 UTC (rev 1156765)
@@ -4,7 +4,7 @@
 pkgname=osbuild
 pkgdesc='Build Pipelines for Operating System Artifacts'
 pkgver=52
-pkgrel=3
+pkgrel=4
 url="https://www.osbuild.org"
 arch=(any)
 license=(Apache)
@@ -12,9 +12,16 @@
 makedepends=(make python-docutils python-setuptools)
 optdepends=('dnf: build rpm/dnf images'
             'pacman: build pacman images')
-source=($pkgname-$pkgver.tar.gz::https://github.com/osbuild/osbuild/archive/refs/tags/v${pkgver}.tar.gz)
-sha256sums=('f0cfc3ddf22833b334773dd8b1275b2e2ec3ff192797a362a8c030676ba4abb8')
+source=($pkgname-$pkgver.tar.gz::https://github.com/osbuild/osbuild/archive/refs/tags/v${pkgver}.tar.gz
+        ./no-selinux-distro-fix.patch)
+sha256sums=('f0cfc3ddf22833b334773dd8b1275b2e2ec3ff192797a362a8c030676ba4abb8'
+            'f2b4cf3910673beb8d229ed436cdd6d5f9b35c8ceea28c6dbc4f022c96db0a26')
 
+prepare() {
+  cd $pkgname-$pkgver
+  patch -Np1 -i ${srcdir}/no-selinux-distro-fix.patch
+}
+
 build() {
   cd $pkgname-$pkgver
   python setup.py build
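Review bot: `${srcdir}` is unquoted in the new `prepare()` (`patch -Np1 -i ${srcdir}/no-selinux-distro-fix.patch`), so a build directory containing whitespace or glob characters would split the argument; write `patch -Np1 -i "${srcdir}/no-selinux-distro-fix.patch"` and likewise `cd "$pkgname-$pkgver"`. The added file carries a `From 5cde83a7f8ec…` header and appears to be a backport, so a one-line comment above the `source` entry, such as `# backport of 5cde83a7f8ec (stages/selinux: directly call setfilecon); drop once pkgver contains it`, would tell the next packager when to remove it. The local patch is pinned by its own sha256sum, which is what an auditor wants to see. build() continues past the end of this hunk.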
@@ -25,10 +32,12 @@
   make man
   python setup.py install --skip-build --root="$pkgdir"
 
-  install -m 0755 -d "$pkgdir/usr/lib/osbuild"
-  mkdir "${pkgdir}/usr/lib/osbuild/osbuild"
+  install -m 0755 -d "$pkgdir/usr/lib/osbuild/osbuild"
 
   for group in assemblers devices inputs runners schemas sources stages mounts ; do
     cp -vdr --no-preserve=ownership "$group" "$pkgdir/usr/lib/osbuild/"
   done
+
+  # udev rules
+  install -Dm644 data/10-osbuild-inhibitor.rules "$pkgdir"/usr/lib/udev/rules.d/10-osbuild-inhibitor.rules
 }
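Review bot: The `# udev rules` comment above the new `install -Dm644 data/10-osbuild-inhibitor.rules …` line restates the command instead of saying why the file is shipped. udev rules are evaluated by a daemon running as root, so someone auditing the package is helped by a pointer to the reason, e.g. `# udev inhibitor rule from the source tree's data/, previously not packaged (FS#74147)`. package() begins before this hunk, so whether anything later populates the `usr/lib/osbuild/osbuild` directory created here cannot be checked from these lines.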

Added: no-selinux-distro-fix.patch
===================================================================
--- no-selinux-distro-fix.patch	                        (rev 0)
+++ no-selinux-distro-fix.patch	2022-03-17 18:03:47 UTC (rev 1156765)
@@ -0,0 +1,42 @@
+From 5cde83a7f8ec29f3aa8c214c6e74921cd734a387 Mon Sep 17 00:00:00 2001
+From: Christian Kellner <christian at kellner.me>
+Date: Thu, 17 Mar 2022 15:22:12 +0100
+Subject: [PATCH] stages/selinux: directly call setfilecon
+
+Instead of using `chcon`, directly call `selinux.setfilecon`. On
+systems without SELinux support, i.e. coreutils was built without
+<selinux.h> present, `chcon` will return `ENOTSUP` for all selinux
+related calls like `setfilecon` even if the selinux libraries are
+later installed. Therefore we directly call the library function
+which should ensure that we don't error out as long as the library
+is present.  The only other thing `chcon` is doing besides a cal to
+the `setfilecon` method is to convert the context string to a
+`contex_t` and back to validate it. This should not be needed since
+the kernel will do this for us. On system without SELinux support
+`context_new` will also not validate the context.
+---
+ stages/org.osbuild.selinux | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/stages/org.osbuild.selinux b/stages/org.osbuild.selinux
+index 2ca277e7a..64d4fb66f 100755
+--- a/stages/org.osbuild.selinux
++++ b/stages/org.osbuild.selinux
+@@ -25,6 +25,8 @@ import pathlib
+ import subprocess
+ import sys
+ 
++import selinux
++
+ import osbuild.api
+ 
+ 
+@@ -60,7 +62,7 @@ def main(tree, options):
+ 
+     for path, label in labels.items():
+         fullpath = os.path.join(tree, path.lstrip("/"))
+-        subprocess.run(["chcon", "-v", label, fullpath], check=True)
++        selinux.setfilecon(fullpath, label)
+ 
+     if options.get("force_autorelabel", False):
+         stamp = pathlib.Path(tree, ".autorelabel")
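Review bot: The module-level `import selinux` added by the embedded patch makes the libselinux Python bindings a hard requirement of the `org.osbuild.selinux` stage, and the PKGBUILD hunks in this commit add no matching dependency (the `depends` array is outside the visible hunks, so it may already be covered); if it is not, the stage fails at import and an `optdepends` entry for the package providing the `selinux` module is needed. Replacing `chcon -v` with `selinux.setfilecon(fullpath, label)` also drops the per-file verbose output and, as the patch description itself notes, the context-string validation, so on a build host without SELinux support a malformed label may end up in the image without any trace in the log; a `print(f"{fullpath}: {label}")` before the call would keep the applied labels reviewable. main() continues outside the hunk, so whether `subprocess` is still used elsewhere cannot be seen here.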


