From 98fff91388ecefeb7e2b9cb830b2e971b228be9d Mon Sep 17 00:00:00 2001

From: "Richard W.M. Jones" <rjones@redhat.com>

Date: Wed, 13 Jul 2016 22:50:10 +0100

Subject: [PATCH] v2v: linux: Use new SELinux_relabel module to relabel Linux

 guests.

(cherry picked from commit fc114904848559e02d8f4e4a8bfb57277c349f0f)

---

 v2v/Makefile.am      |  1 +

 v2v/convert_linux.ml | 10 ++--------

 2 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/v2v/Makefile.am b/v2v/Makefile.am

index 09a63a0..73a2d68 100644

--- a/v2v/Makefile.am

+++ b/v2v/Makefile.am

@@ -149,6 +149,7 @@ BOBJECTS = \

 	$(top_builddir)/mllib/curl.cmo \

 	$(top_builddir)/customize/customize_utils.cmo \

 	$(top_builddir)/customize/firstboot.cmo \

+	$(top_builddir)/customize/SELinux_relabel.cmo \

 	$(SOURCES_ML:.ml=.cmo)

 XOBJECTS = $(BOBJECTS:.cmo=.cmx)

diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml

index bdbd06b..825dae8 100644

--- a/v2v/convert_linux.ml

+++ b/v2v/convert_linux.ml

@@ -406,13 +406,6 @@ let rec convert ~keep_serial_console (g : G.guestfs) inspect source =

     | `Grub2 -> () (* Not necessary for grub2. *)

-  and autorelabel () =

-    (* Only do autorelabel if load_policy binary exists.  Actually

-     * loading the policy is problematic.

-     *)

-    if g#is_file ~followsymlinks:true "/usr/sbin/load_policy" then

-      g#touch "/.autorelabel";

-

   and unconfigure_xen () =

     (* Remove kmod-xenpv-* (RHEL 3). *)

     let xenmods =

@@ -1383,7 +1376,6 @@ let rec convert ~keep_serial_console (g : G.guestfs) inspect source =

   in

   augeas_grub_configuration ();

-  autorelabel ();

   unconfigure_xen ();

   unconfigure_vbox ();

@@ -1409,6 +1401,8 @@ let rec convert ~keep_serial_console (g : G.guestfs) inspect source =

   configure_kernel_modules virtio;

   rebuild_initrd kernel;

+  SELinux_relabel.relabel g;

+

   let guestcaps = {

     gcaps_block_bus = if virtio then Virtio_blk else IDE;

     gcaps_net_bus = if virtio then Virtio_net else E1000;

-- 

2.7.4