commit: 2034dc76fb15f1389c4e0c6c0ac1f2052e757b5e
Author: Kenton Groombridge <concord <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 21 14:31:27 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Sep 26 20:54:12 2023 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=2034dc76
etc-update: set SELinux security labels on merged files
For files merged with etc-update, also set their SELinux security labels.
Without this, merged files will have the type user_tmp_t and cause issues on
enforcing SELinux systems.
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
Signed-off-by: Sam James <sam <AT> gentoo.org>
bin/etc-update | 3 +++
1 file changed, 3 insertions(+)
diff --git a/bin/etc-update b/bin/etc-update
index 97c1634203..274bc6f7be 100755
--- a/bin/etc-update
+++ b/bin/etc-update
@@ -631,6 +631,7 @@ do_merge() {
else
chown --reference="${ofile}"
"${mfile}"
chmod --reference="${ofile}"
"${mfile}"
+ ${selinux} && chcon
--reference="${ofile}" "${mfile}"
fi
do_mv_ln ${mv_opts} "${mfile}"
"${ofile}"
rm ${rm_opts} "${file}"
@@ -815,6 +816,8 @@ export PORTAGE_TMPDIR
SCAN_PATHS=${*:-${CONFIG_PROTECT}}
[[ " ${FEATURES} " == *" case-insensitive-fs "* ]] && \
case_insensitive=true || case_insensitive=false
+[[ " ${FEATURES} " == *" selinux "* ]] && \
+ selinux=true || selinux=false
TMP="${PORTAGE_TMPDIR}/etc-update-$$"
trap "die terminated" SIGTERM
