From dd88f3a1a7125c9fd5f522865354dd51cb5df288 Mon Sep 17 00:00:00 2001 From: Lukas Vrabec Date: Mar 03 2016 14:57:30 +0000 Subject: Build file_contexts.bin file_context.local.bin file_context.homedir.bin during build phase. This fix issue in Fedora live images when selinux-policy-targeted is not installed but just unpackaged, since there's no .bin files, file_contexts is parsed in selabel_open(). Resolves: rhbz#1314372 --- diff --git a/selinux-policy.spec b/selinux-policy.spec index 90ec9f5..ee49a62 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -183,7 +183,7 @@ install -m0644 selinux_config/customizable_types %{buildroot}%{_sysconfdir}/seli touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local \ touch %{buildroot}%{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local.bin \ touch %{buildroot}%{_sysconfdir}/selinux/%1/file_contexts.homedirs.bin \ -touch %{buildroot}%{_sysconfdir}/selinux/%1/file_contexts.bin \ +sefcontext_compile -o %{buildroot}%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts.bin %{buildroot}%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts \ cp %{SOURCE30} %{buildroot}%{_sysconfdir}/selinux/%1 \ rm -f %{buildroot}/%{_usr}/share/selinux/%1/*pp* \ /usr/bin/sha512sum %{buildroot}%{_sysconfdir}/selinux/%1/policy/policy.%{POLICYVER} | cut -d' ' -f 1 > %{buildroot}%{_sysconfdir}/selinux/%1/.policy.sha512; \ @@ -227,10 +227,10 @@ rm -rf %{buildroot}%{_sysconfdir}/selinux/%1/modules/active/policy.kern \ %dir %{_sysconfdir}/selinux/%1/contexts/files \ %verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts \ %verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.bin \ -%verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs* \ +%verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs \ +%verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.homedirs.bin \ %config(noreplace) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local \ %verify(not md5 size mtime) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.local.bin \ -%ghost %{_sysconfdir}/selinux/%1/contexts/files/*.bin \ %config(noreplace) %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs \ %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.subs_dist \ %{_sysconfdir}/selinux/%1/booleans.subs_dist \