From 975522472af1e01c081db27ddbb7193bc443a95a Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Thu, 9 Jun 2022 14:36:42 +1000 Subject: [PATCH] CentOS 9-stream : work around selinux permissions issue Due to the referenced inline issue, 9-stream currently fails running setfiles in a chroot without /proc. Since we want to actually label /proc, we don't want it mounted. This pulls in the fixed packages to get things going until the fix is rolled out. Change-Id: Id41c16130e975779cb70e2ab19807a689450d026 --- .../redhat-common/post-install.d/05-selinux-9-stream | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100755 diskimage_builder/elements/redhat-common/post-install.d/05-selinux-9-stream diff --git a/diskimage_builder/elements/redhat-common/post-install.d/05-selinux-9-stream b/diskimage_builder/elements/redhat-common/post-install.d/05-selinux-9-stream new file mode 100755 index 00000000..ec7aa762 --- /dev/null +++ b/diskimage_builder/elements/redhat-common/post-install.d/05-selinux-9-stream @@ -0,0 +1,12 @@ +# NOTE(ianw) 2022-06-09 : this is a workaround for setfiles +# failing until libselinux-3.4-2.el9.x86_64.rpm +# https://bugzilla.redhat.com/show_bug.cgi?id=2094683 +if [[ '9-stream' =~ ${DIB_RELEASE} ]]; then + sudo dnf update -y \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/libselinux-3.4-2.el9.x86_64.rpm \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/libselinux-utils-3.4-2.el9.x86_64.rpm \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/python3-libselinux-3.4-2.el9.x86_64.rpm \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/libselinux-static-3.4-2.el9.x86_64.rpm \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/libselinux-ruby-3.4-2.el9.x86_64.rpm \ + https://kojihub.stream.centos.org/kojifiles/packages/libselinux/3.4/2.el9/x86_64/libselinux-devel-3.4-2.el9.x86_64.rpm +fi