commit: 71bb07ddda880017194f67fe69ede5bf72e98623
Author: Rahul Sandhu <nvraxn <AT> gmail <DOT> com>
AuthorDate: Thu Jan 8 01:22:07 2026 +0000
Commit: Eli Schwartz <eschwartz <AT> gentoo <DOT> org>
CommitDate: Thu Jan 8 03:04:10 2026 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71bb07dd
selinux-policy-2.eclass: die on failed control flow of non-pms commands
It is not safe to continue when a non-pms command that must succeed
fails; unlike pms commands, they do not bail on failure. Hence, in
cases where non-pms commands fail, add a failure branch to their
control flow which manually calls die.
Signed-off-by: Rahul Sandhu <nvraxn <AT> gmail.com>
Signed-off-by: Eli Schwartz <eschwartz <AT> gentoo.org>
eclass/selinux-policy-2.eclass | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/eclass/selinux-policy-2.eclass b/eclass/selinux-policy-2.eclass
index b80c9f4651e5..7e9a85ff22d7 100644
--- a/eclass/selinux-policy-2.eclass
+++ b/eclass/selinux-policy-2.eclass
@@ -174,11 +174,11 @@ selinux-policy-2_src_prepare() {
local add_interfaces=0
# Create 3rd_party location for user-contributed policies
- cd "${S}/refpolicy/policy/modules" && mkdir 3rd_party
+ cd "${S}/refpolicy/policy/modules" && mkdir 3rd_party || die "Could not
enter ${S}/refpolicy/policy/modules"
# Patch the sources with the base patchbundle
if [[ -n ${BASEPOL} ]] && [[ "${BASEPOL}" != "9999" ]]; then
- cd "${S}"
+ cd "${S}" || die "Could not enter ${S}"
einfo "Applying SELinux policy updates ... "
eapply -p0 --
"${WORKDIR}/0001-full-patch-against-stable-release.patch"
fi
@@ -191,7 +191,7 @@ selinux-policy-2_src_prepare() {
if [[ "$(declare -p POLICY_FILES 2>/dev/null 2>&1)" = "declare -a"* ]]
||
[[ -n ${POLICY_FILES} ]]; then
add_interfaces=1
- cd "${S}/refpolicy/policy/modules"
+ cd "${S}/refpolicy/policy/modules" || die "Could not enter
${S}/refpolicy/policy/modules"
for POLFILE in ${POLICY_FILES[@]}; do
cp "${FILESDIR}/${POLFILE}" 3rd_party/ || die "Could
not copy ${POLFILE} to 3rd_party/ location"
done
