[Rpm-maint] [PATCH 12/19] Determine how policy should be installed based on SELinux state
James Antill
james at fedoraproject.org
Fri Feb 5 17:39:27 UTC 2010
On Tue, 2010-02-02 at 15:25 -0500, Steve Lawrence wrote:
> The state of SELinux on a system changes how we install policy during
> the rpm transaction. For example, if the /etc/selinux directory structure
> hasn't been created, we can't install policy until a package creates the
> directory. This patch adds a function (rpmtsInitSELinux) which performs
> initialization and determines the state of SELinux on the system and what
> actions should be taken to install policy.
[...]
> + /* initialize matchpathcon */
> + if (!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS)) {
> + if (matchpathcon_init(selinux_file_context_path()) == -1) {
> + rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
> + }
> + }
[...]
> - char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
> - if (matchpathcon_init(fn) == -1) {
> - rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
> - }
> - _free(fn);
[...]
> + if (rpmtsInitSELinux(ts) != RPMRC_OK) {
> + return -1;
How is this the same? Is %_install_file_context_path always the same as
the default path?
[...]
> +#if WITH_SELINUX
> + /* load policy and relabel files if policy was postponed */
Can this bit be merged with the init code?
More information about the Rpm-maint
mailing list