Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 690364 - sys-apps/policycoreutils: add support for /usr merge
Summary: sys-apps/policycoreutils: add support for /usr merge
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal with 1 vote (vote)
Assignee: SE Linux Bugs
Depends on:
Blocks: usrmerge, usrmerge-fixes
  Show dependency tree
Reported: 2019-07-21 15:35 UTC by Alexander Tsoy
Modified: 2019-12-21 14:11 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Tsoy 2019-07-21 15:35:46 UTC
The following doesn't work for merged /usr layout:

    dosym /sbin/setfiles /usr/sbin/setfiles

as setfiles executable is being replaced by symlink during merge. Please make this conditional on use split-usr.
Comment 1 William Hubbs gentoo-dev 2019-09-01 17:48:09 UTC
I suppose the real question here is, why do you need setfiles in both
/sbin and /usr/sbin?
Comment 2 David Michael 2019-11-04 15:20:08 UTC
It looks like upstream installs to /sbin/setfiles[1].  The compatibility symlink was added over 13 years ago according to CVS[2], but a quick grep still shows several places in portage and SELinux packages that hardcode /usr/sbin/setfiles.  I'd assume that requires both paths to exist, so can the split-usr condition please be added to fix UsrMerge support?

Comment 3 David Michael 2019-12-03 16:54:36 UTC
Can this have its importance increased?  It seems significant that UsrMerge and SELinux can't be enabled together because of this.

Also, here is the fix.

--- sys-apps/policycoreutils/policycoreutils-2.9.ebuild
+++ sys-apps/policycoreutils/policycoreutils-2.9.ebuild
@@ -15,7 +15,7 @@
-IUSE="audit pam dbus"
+IUSE="audit pam dbus split-usr"
 DESCRIPTION="SELinux core utilities"
@@ -155,7 +155,7 @@
 	rm -fR "${D}/etc/rc.d" || die
 	# compatibility symlinks
-	dosym /sbin/setfiles /usr/sbin/setfiles
+	use split-usr && dosym /sbin/setfiles /usr/sbin/setfiles
 	bashcomp_alias setsebool getsebool
 	# location for policy definitions
Comment 4 Larry the Git Cow gentoo-dev 2019-12-21 14:11:16 UTC
The bug has been closed via the following commit(s):

commit 42cca0f5527c1438dc01a4a4306071cff413d4c8
Author:     Jason Zaman <>
AuthorDate: 2019-12-16 12:13:19 +0000
Commit:     Jason Zaman <>
CommitDate: 2019-12-21 14:00:40 +0000

    sys-apps/policycoreutils: Add support for /usr-merge
    Also fix absolute symlink QA warning.
    Package-Manager: Portage-2.3.79, Repoman-2.3.16
    Signed-off-by: Jason Zaman <>

 sys-apps/policycoreutils/policycoreutils-2.9.ebuild  | 5 +++--
 sys-apps/policycoreutils/policycoreutils-3.0.ebuild  | 8 ++++----
 sys-apps/policycoreutils/policycoreutils-9999.ebuild | 8 ++++----
 3 files changed, 11 insertions(+), 10 deletions(-)