Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 690364 - sys-apps/policycoreutils: add support for /usr merge
Summary: sys-apps/policycoreutils: add support for /usr merge
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: SE Linux Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: usrmerge, usrmerge-fixes
  Show dependency tree
 
Reported: 2019-07-21 15:35 UTC by Alexander Tsoy
Modified: 2019-12-21 14:11 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Tsoy 2019-07-21 15:35:46 UTC 
The following doesn't work for merged /usr layout:

    dosym /sbin/setfiles /usr/sbin/setfiles

as setfiles executable is being replaced by symlink during merge. Please make this conditional on use split-usr.
Comment 1 William Hubbs gentoo-dev 2019-09-01 17:48:09 UTC 
I suppose the real question here is, why do you need setfiles in both
/sbin and /usr/sbin?
Comment 2 David Michael 2019-11-04 15:20:08 UTC 
It looks like upstream installs to /sbin/setfiles[1].  The compatibility symlink was added over 13 years ago according to CVS[2], but a quick grep still shows several places in portage and SELinux packages that hardcode /usr/sbin/setfiles.  I'd assume that requires both paths to exist, so can the split-usr condition please be added to fix UsrMerge support?

[1] https://github.com/SELinuxProject/selinux/blob/master/policycoreutils/setfiles/Makefile#L4
[2] https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sys-apps/policycoreutils/policycoreutils-1.30.30.ebuild?hideattic=0&revision=1.1&view=markup#l121
Comment 3 David Michael 2019-12-03 16:54:36 UTC 
Can this have its importance increased?  It seems significant that UsrMerge and SELinux can't be enabled together because of this.

Also, here is the fix.

--- sys-apps/policycoreutils/policycoreutils-2.9.ebuild
+++ sys-apps/policycoreutils/policycoreutils-2.9.ebuild
@@ -15,7 +15,7 @@
 SELNX_VER="${PV}"
 SEPOL_VER="${PV}"
 
-IUSE="audit pam dbus"
+IUSE="audit pam dbus split-usr"
 REQUIRED_USE="${PYTHON_REQUIRED_USE}"
 
 DESCRIPTION="SELinux core utilities"
@@ -155,7 +155,7 @@
 	rm -fR "${D}/etc/rc.d" || die
 
 	# compatibility symlinks
-	dosym /sbin/setfiles /usr/sbin/setfiles
+	use split-usr && dosym /sbin/setfiles /usr/sbin/setfiles
 	bashcomp_alias setsebool getsebool
 
 	# location for policy definitions
Comment 4 Larry the Git Cow gentoo-dev 2019-12-21 14:11:16 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42cca0f5527c1438dc01a4a4306071cff413d4c8

commit 42cca0f5527c1438dc01a4a4306071cff413d4c8
Author:     Jason Zaman <perfinion@gentoo.org>
AuthorDate: 2019-12-16 12:13:19 +0000
Commit:     Jason Zaman <perfinion@gentoo.org>
CommitDate: 2019-12-21 14:00:40 +0000

    sys-apps/policycoreutils: Add support for /usr-merge
    
    Also fix absolute symlink QA warning.
    
    Closes: https://bugs.gentoo.org/690364
    Package-Manager: Portage-2.3.79, Repoman-2.3.16
    Signed-off-by: Jason Zaman <perfinion@gentoo.org>

 sys-apps/policycoreutils/policycoreutils-2.9.ebuild  | 5 +++--
 sys-apps/policycoreutils/policycoreutils-3.0.ebuild  | 8 ++++----
 sys-apps/policycoreutils/policycoreutils-9999.ebuild | 8 ++++----
 3 files changed, 11 insertions(+), 10 deletions(-)