Attachment #531970 for bug #655996




		# SELinux file labeling (needs to execute after preinst)
		# only attempt to label if setfiles is executable
		# and 'context' is available on selinuxfs.
		if [ -f /sys/fs/selinux/context -a -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
			[ -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
			__vecho ">>> Setting SELinux security labels"
			(
				eval "$(/usr/sbin/selinuxconfig)" || \
					die "Failed to determine SELinux policy paths.";

				addwrite /selinux/context
				addwrite /sys/fs/selinux/context

				/usr/sbin/setfiles -F "${file_contexts_path}" -r "${D}" "${D}"
- 

Return to bug 655996

Lines 439-452 preinst_selinux_labels() { Link Here

(-)a/bin/misc-functions.sh (-4 / +1 lines)
439	# SELinux file labeling (needs to execute after preinst)	439	# SELinux file labeling (needs to execute after preinst)
440	# only attempt to label if setfiles is executable	440	# only attempt to label if setfiles is executable
441	# and 'context' is available on selinuxfs.	441	# and 'context' is available on selinuxfs.
442	if [ -f /selinux/context -o -f /sys/fs/selinux/context ] && \	442	if [ -f /sys/fs/selinux/context -a -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
443	[ -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
444	__vecho ">>> Setting SELinux security labels"	443	__vecho ">>> Setting SELinux security labels"
445	(	444	(
446	eval "$(/usr/sbin/selinuxconfig)" \|\| \	445	eval "$(/usr/sbin/selinuxconfig)" \|\| \
447	die "Failed to determine SELinux policy paths.";	446	die "Failed to determine SELinux policy paths.";
448		447
449	addwrite /selinux/context
450	addwrite /sys/fs/selinux/context	448	addwrite /sys/fs/selinux/context
451		449
452	/usr/sbin/setfiles -F "${file_contexts_path}" -r "${D}" "${D}"	450	/usr/sbin/setfiles -F "${file_contexts_path}" -r "${D}" "${D}"
453	-