[Rpm-maint] [rpm-software-management/rpm] RFC: If existent, apply SELinux label from full non-chroot path (PR #3967)
Neal Gompa (ニール・ゴンパ)
notifications at github.com
Wed Feb 25 09:45:10 UTC 2026
Conan-Kudo left a comment (rpm-software-management/rpm#3967)
I'm not sure this makes sense? Maybe I'm reading this wrong, but this would result in completely breaking image builds too. It's not _that_ well-known, but it is possible to apply SELinux labels from an on-disk policy to files. We do this in kiwi using `setfiles`, as an example:
https://github.com/OSInside/kiwi/blob/ae738e396985d6841a738772c5f77e56f8f4702a/kiwi/system/setup.py#L605-L612
I don't think it would be reasonable for RPM to do anything different. What we don't have in SELinux tooling is a way to easily and automatically figure this out (we make educated guesses with kiwi and hope for the best), but that's probably something for SELinux people to help with.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3967#issuecomment-3958031615
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3967/c3958031615 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20260225/d24a189b/attachment.htm>
More information about the Rpm-maint
mailing list