Project

Profile

Help

Story #1166

Updated by cduryee over 8 years ago

The python-crane spec contains the following: 

 <pre> 

 %post 
 semanage fcontext -a -t httpd_sys_content_t '%{_var}/lib/crane(/.*)?' 
 restorecon -R -v %{_var}/lib/crane 

 %postun 
 if [ $1 -eq 0 ] ; then    # final removal 
 semanage fcontext -d -t httpd_sys_content_t '%{_var}/lib/crane(/.*)?' 
 restorecon -R -v %{_var}/lib/crane 
 fi 
 </pre> 

 I do not think semanage is appropriate in the %post and %postun since it can cause confusion when some selinux-related items work but not others. IMO the statements should be removed in favor of either selinux setup documentation, or a policy file. 

 QE note: this bug is for a refactor and likely will not have anything to validate aside from regression testing.

Back