mirror of
https://passt.top/passt
synced 2025-07-26 03:27:59 +02:00
fedora: Separately restore context for /run/user in %posttrans selinux
The previous change introduces specific file contexts for /run/user/%{USERID}/netns and /run/user/%{USERID}/containers/networks/rootless-netns, but %selinux_relabel_post can't handle that, see comments for more details. Add a separate restorecon(8) call for /run/user as post-transaction scriptlet for the SELinux subpackage. Reported-by: Max Chernoff <git@maxchernoff.ca> Link: https://bugs.passt.top/show_bug.cgi?id=81 Link: https://github.com/containers/podman/discussions/26100#discussioncomment-13088518 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Tested-by: Max Chernoff <git@maxchernoff.ca>
This commit is contained in:
parent
7aeda16a78
commit
e019323538
1 changed files with 6 additions and 0 deletions
|
@ -102,6 +102,12 @@ fi
|
|||
|
||||
%posttrans selinux
|
||||
%selinux_relabel_post -s %{selinuxtype}
|
||||
# %selinux_relabel_post calls fixfiles(8) with the previous file_contexts file
|
||||
# (see selabel_file(5)) in order to restore only the file contexts which
|
||||
# actually changed. However, as file_contexts doesn't support %{USERID}
|
||||
# substitutions, this will not work for specific file contexts that pasta needs
|
||||
# to have under /run/user. Restore those explicitly.
|
||||
restorecon -R /run/user
|
||||
|
||||
%files
|
||||
%license LICENSES/{GPL-2.0-or-later.txt,BSD-3-Clause.txt}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue