[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Ovirt-devel] [PATCH ovirt-node-image] do not require SELinux build host if disabled in kickstart



Alan Pevec wrote:
Signed-off-by: Alan Pevec <apevec redhat com>
---
 ovirt-node-image.spec.in |   18 +++++++++++++-----
 1 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/ovirt-node-image.spec.in b/ovirt-node-image.spec.in
index 6483fe4..838ff43 100644
--- a/ovirt-node-image.spec.in
+++ b/ovirt-node-image.spec.in
@@ -59,15 +59,23 @@ mkdir -p %{ovirt_cache_dir}/node-image-tmp
 mkdir -p %{ovirt_cache_dir}/yum
sudo su - -c "cd $(pwd) &&
-              case $(cat /selinux/enforce 2>/dev/null) in
-                  1) enforcing=1 ; setenforce 0 ;;
-                  0) enforcing=0 ;;
-                  *) echo SELinux must be enabled; exit 1 ;;
+              enforcing=$(cat /selinux/enforce 2>/dev/null)
+              case x\$enforcing in
+                  x1) setenforce 0 ;;
+                  x0) ;;
+                   *) if ksflatten %{name}.ks 2>/dev/null \
+                        | grep -q 'selinux --disabled'; then
+                        echo WARNING: SELinux disabled in kickstart
+                      else
+                        echo ERROR: SELinux enabled in kickstart, \
+                             but disabled on the build machine
+                        exit 1
+                      fi ;;
               esac
               livecd-creator --skip-minimize -c %{name}.ks -f %{name} \
                --tmpdir='%{ovirt_cache_dir}/node-image-tmp' \
                --cache='%{ovirt_cache_dir}/yum'
-              setenforce \$enforcing"
+              setenforce \$enforcing 2>/dev/null"
 sudo su - -c "cd $(pwd) && ./ovirt-pxe %{name}.iso"
 sudo su - -c "cd $(pwd) && chown -R $USER ."

This seems to work as is, so ACK. But if you want to refactor a bit due to Jim's comments go ahead.

Perry


--
|=-        Red Hat, Engineering, Emerging Technologies, Boston        -=|
|=-                     Email: pmyers redhat com                      -=|
|=-         Office: +1 412 474 3552   Mobile: +1 703 362 9622         -=|
|=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]