[Libguestfs] [PATCH libguestfs-common 2/2] mlcustomize: Fall back to autorelabel if specfile does not exist (RHBZ#1828952).

Richard W.M. Jones rjones at redhat.com
Tue May 5 15:44:15 UTC 2020


If SELINUXTYPE is set to some value other than targeted then we look
for a directory /etc/selinux/<SELINUXTYPE> which does not exist.
However this should not cause a fatal error.  Using setfiles to do the
relabelling immediately is a nice-to-have, but we can fallback to
using autorelabel if we're unable to achieve it.
 mlcustomize/SELinux_relabel.ml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/mlcustomize/SELinux_relabel.ml b/mlcustomize/SELinux_relabel.ml
index 5df1f08..5ecf7bd 100644
--- a/mlcustomize/SELinux_relabel.ml
+++ b/mlcustomize/SELinux_relabel.ml
@@ -77,6 +77,12 @@ and use_setfiles g =
   let specfile =
     sprintf "/etc/selinux/%s/contexts/files/file_contexts" policy in
+  (* If the spec file doesn't exist then fall back to using
+   * autorelabel (RHBZ#1828952).
+   *)
+  if not (g#is_file ~followsymlinks:true specfile) then
+    failwith "no spec file";
   (* RHEL 6.2 - 6.5 had a malformed specfile that contained the
    * invalid regular expression "/var/run/spice-vdagentd.\pid"
    * (instead of "\.p").  This stops setfiles from working on

More information about the Libguestfs mailing list