[Freeipa-devel] [PATCH 477] spec file: Add Requires(pre) on selinux-policy
Jan Cholasta
jcholast at redhat.com
Tue Aug 25 12:27:29 UTC 2015
On 25.8.2015 14:23, Alexander Bokovoy wrote:
> On Tue, 25 Aug 2015, Jan Cholasta wrote:
>> Hi,
>>
>> the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5256>.
>>
>> Honza
>>
>> --
>> Jan Cholasta
>
>> From 216be8de30747f80f490d4e91a7cca4af3e767d6 Mon Sep 17 00:00:00 2001
>> From: Jan Cholasta <jcholast at redhat.com>
>> Date: Tue, 25 Aug 2015 14:14:25 +0200
>> Subject: [PATCH] spec file: Add Requires(pre) on selinux-policy
>>
>> This prevents ipa-server-upgrade failures on SELinux AVCs because of old
>> selinux-policy version.
>>
>> https://fedorahosted.org/freeipa/ticket/5256
>> ---
>> freeipa.spec.in | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/freeipa.spec.in b/freeipa.spec.in
>> index cba91fe..fd73cda 100644
>> --- a/freeipa.spec.in
>> +++ b/freeipa.spec.in
>> @@ -139,6 +139,7 @@ Requires: systemd-units >= 38
>> Requires(pre): shadow-utils
>> Requires(pre): systemd-units
>> Requires(post): systemd-units
>> +Requires(pre): selinux-policy >= %{selinux_policy_version}
>> Requires: selinux-policy >= %{selinux_policy_version}
>> Requires(post): selinux-policy-base
>> Requires: slapi-nis >= 0.54.2-1
> If we have it in Requires(pre), we don't need it in Requires, as
> Requires(pre) is a superset of guarantees that Requires gives you.
Martin (CCed) told me Requires(pre) does not imply Requires.
>
> Requires(pre) ensures that selinux-policy of specific version is
> installed before pre scripts of freeipa-server would run, be it in the
> same transaction or in a previous one.
>
Hmm, ipa-server-upgrade is run in posttrans. Should the Requires(pre) be
changed to Required(posttrans)?
--
Jan Cholasta
More information about the Freeipa-devel
mailing list