External/passt
1
0
Fork 0
mirror of https://passt.top/passt synced 2024-06-30 15:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
4e73e9bd65
passt/contrib
History
Stefano Brivio dd23496619 fedora: Refresh SELinux labels in scriptlets, require -selinux package 
Instead of:
  https://fedoraproject.org/wiki/SELinux_Policy_Modules_Packaging_Draft

follow this:
  https://fedoraproject.org/wiki/PackagingDrafts/SELinux_Independent_Policy

which seems to make more sense and fixes the issue that, on a fresh
install, without a reboot, the file contexts for the binaries are not
actually updated.

In detail:

- labels are refreshed using the selinux_relabel_pre and
  selinux_relabel_post on install, upgrade, and uninstall

- use the selinux_modules_install and selinux_modules_uninstall
  macros, instead of calling 'semodule' directly (no functional
  changes in our case)

- require the -selinux package on SELinux-enabled environments and if
  the current system policy is "targeted"

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-03-17 08:26:07 +01:00
..
apparmor contrib/apparmor: Split profile into abstractions, use them 2023-02-27 18:56:32 +01:00
fedora fedora: Refresh SELinux labels in scriptlets, require -selinux package 2023-03-17 08:26:07 +01:00
kata-containers Don't abbreviate ip(8) arguments in examples and tests 2022-06-15 09:38:10 +02:00
selinux contrib/selinux: Split interfaces into smaller bits 2023-03-10 20:01:41 +01:00