Project

Profile

Help

Issue #2424

closed

restorecon runs unecessarily for all 2.10+ upgrades

Added by bmbouter about 8 years ago. Updated over 5 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
3. High
Version:
Platform Release:
2.10.3
OS:
Triaged:
Yes
Groomed:
Yes
Sprint Candidate:
No
Tags:
Pulp 2, SELinux
Sprint:
Sprint 11
Quarter:

Description

The spec file uses semodule -l[0] to determine what version of the pulp-server selinux policy is being upgraded from. This is then used by the relabel script[1] to run the minimum required set of restorecon statements.

Starting with RHEL 7.3, the SELinux policy version is no longer shown due to BZ 1392573[2] which causes all restorecon statements to run unnecessarily when the previous version fails to be parsed.

[0]: https://github.com/pulp/pulp/blob/1ff9cba5222e18fc28a3456b386a424acf4f8874/pulp.spec#L970
[1]: https://github.com/pulp/pulp/blob/718c24aa32b75de032d5e6b46c5077e919e2db17/server/selinux/server/relabel.sh
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1392573

Also available in: Atom PDF