From 37d6c03902c71fec611a70e52e92a2dc36a26706 Mon Sep 17 00:00:00 2001
From: Sunny Kumar <sunkumar@redhat.com>
Date: Mon, 20 Apr 2020 12:15:42 +0100
Subject: build: geo-rep requires relevant selinux permission for rsync

If selinux is set in enforcing mode geo-rep goes into faulty state.

To avoid this from happening some relevant selinux booleans need to be set
in 'on' state to allow rsync operation.

Change-Id: Ia8ce530d6548c2a545f4c99c600f5aac2bbb3363
Fixes: #1182
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
---
 glusterfs.spec.in | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/glusterfs.spec.in b/glusterfs.spec.in
index 607fa9bbdc..67f4783edf 100644
--- a/glusterfs.spec.in
+++ b/glusterfs.spec.in
@@ -111,6 +111,12 @@
 ## All %%global definitions should be placed here and keep them sorted
 ##
 
+# selinux booleans whose defalut value needs modification
+# these booleans will be consumed by "%%selinux_set_booleans" macro.
+%if ( 0%{?rhel} && 0%{?rhel} >= 8 )
+%global selinuxbooleans rsync_full_access=1 rsync_client=1
+%endif
+
 %if ( 0%{?fedora} ) || ( 0%{?rhel} && 0%{?rhel} > 6 )
 %global _with_systemd true
 %endif
@@ -466,6 +472,12 @@ Requires:         python%{_pythonver}-gluster = %{version}-%{release}
 
 Requires:         rsync
 Requires:         util-linux
+# required for setting selinux bools
+%if ( 0%{?rhel} && 0%{?rhel} >= 8 )
+Requires:            selinux-policy-targeted
+Requires(post):      selinux-policy-targeted
+BuildRequires:       selinux-policy-devel
+%endif
 
 %description geo-replication
 GlusterFS is a distributed file-system capable of scaling to several
@@ -864,6 +876,9 @@ exit 0
 
 %if ( 0%{!?_without_georeplication:1} )
 %post geo-replication
+%if ( 0%{?rhel} && 0%{?rhel} >= 8 )
+%selinux_set_booleans %{selinuxbooleans}
+%endif
 if [ $1 -ge 1 ]; then
     %systemd_postun_with_restart glusterd
 fi
-- 
cgit