diff options
| -rw-r--r-- | data/post-scripts/80-setfilecons.ks | 14 | ||||
| -rw-r--r-- | data/post-scripts/Makefile.am | 2 | ||||
| -rw-r--r-- | pyanaconda/constants.py | 16 | ||||
| -rw-r--r-- | pyanaconda/dispatch.py | 2 | ||||
| -rw-r--r-- | pyanaconda/installclass.py | 1 | ||||
| -rw-r--r-- | pyanaconda/packages.py | 41 |
6 files changed, 15 insertions, 61 deletions
diff --git a/data/post-scripts/80-setfilecons.ks b/data/post-scripts/80-setfilecons.ks new file mode 100644 index 000000000..7b0c8c963 --- /dev/null +++ b/data/post-scripts/80-setfilecons.ks @@ -0,0 +1,14 @@ +%post + +restorecon -ir /etc/sysconfig/network-scripts /var/lib/rpm /var/lib/yum /etc/lvm \ + /dev /etc/iscsi /var/lib/iscsi /root /var/lock /var/log \ + /etc/modprobe.d /etc/sysconfig /var/cache/yum + +restorecon -i /etc/rpm/macros /etc/dasd.conf /etc/zfcp.conf /lib64 /usr/lib64 \ + /etc/blkid.tab* /etc/mtab /etc/fstab /etc/resolv.conf \ + /etc/modprobe.conf* /var/log/*tmp /etc/crypttab \ + /etc/mdadm.conf /etc/sysconfig/network /root/install.log* \ + /etc/udev/rules.d/70-persistent-net.rules /etc/*shadow* \ + /etc/dhcp/dhclient-*.conf /etc/localtime + +%end diff --git a/data/post-scripts/Makefile.am b/data/post-scripts/Makefile.am index a57f85be5..f33624f93 100644 --- a/data/post-scripts/Makefile.am +++ b/data/post-scripts/Makefile.am @@ -18,5 +18,5 @@ # Author: Chris Lumens <clumens@redhat.com> postscriptsdir = $(datadir)/$(PACKAGE_NAME)/post-scripts -dist_postscripts_DATA = 90-copy-screenshots.ks 95-copy-logs.ks +dist_postscripts_DATA = 80-setfilecons.ks 90-copy-screenshots.ks 95-copy-logs.ks MAINTAINERCLEAFILES = Makefile.in diff --git a/pyanaconda/constants.py b/pyanaconda/constants.py index 4167f96da..558d69d18 100644 --- a/pyanaconda/constants.py +++ b/pyanaconda/constants.py @@ -69,21 +69,5 @@ DD_RPMS = "/tmp/DD-*" TRANSLATIONS_UPDATE_DIR="/tmp/updates/po" -relabelFiles = ["/etc/rpm/macros", "/etc/dasd.conf", "/etc/zfcp.conf", - "/etc/lilo.conf.anaconda", "/lib64", "/usr/lib64", - "/etc/blkid.tab", "/etc/blkid.tab.old", - "/etc/mtab", "/etc/fstab", "/etc/resolv.conf", - "/etc/modprobe.conf", "/etc/modprobe.conf~", - "/var/log/wtmp", "/var/run/utmp", "/etc/crypttab", - "/dev/log", "/var/lib/rpm", "/", "/etc/raidtab", - "/etc/mdadm.conf", "/etc/sysconfig/network", - "/etc/udev/rules.d/70-persistent-net.rules", - "/root/install.log", "/root/install.log.syslog", - "/etc/shadow", "/etc/shadow-", "/etc/gshadow", - "/etc/dhcp/dhclient-*.conf", "/etc/localtime"] -relabelDirs = ["/etc/sysconfig/network-scripts", "/var/lib/rpm", "/var/lib/yum", "/etc/lvm", - "/dev/mapper", "/etc/iscsi", "/var/lib/iscsi", "/root", "/var/lock", - "/var/log", "/etc/modprobe.d", "/etc/sysconfig", "/var/cache/yum" ] - ANACONDA_CLEANUP = "anaconda-cleanup" ROOT_PATH = "/mnt/sysimage" diff --git a/pyanaconda/dispatch.py b/pyanaconda/dispatch.py index 9001a0810..c605c78da 100644 --- a/pyanaconda/dispatch.py +++ b/pyanaconda/dispatch.py @@ -30,7 +30,6 @@ from packages import doPostAction from packages import firstbootConfiguration from packages import betaNagScreen from packages import setupTimezone -from packages import setFileCons from storage import storageInitialize from storage import storageComplete from storage.partitioning import doAutoPartition @@ -291,7 +290,6 @@ class Dispatcher(object): self.add_step("instbootloader", writeBootloader) self.add_step("reipl", doReIPL) self.add_step("writeksconfig", writeKSConfiguration) - self.add_step("setfilecon", setFileCons) self.add_step("methodcomplete", doMethodComplete) self.add_step("postscripts", runPostScripts) self.add_step("dopostaction", doPostAction) diff --git a/pyanaconda/installclass.py b/pyanaconda/installclass.py index e75eeab7b..9dc2b96c5 100644 --- a/pyanaconda/installclass.py +++ b/pyanaconda/installclass.py @@ -118,7 +118,6 @@ class BaseInstallClass(object): "postscripts", "writeksconfig", "methodcomplete", - "setfilecon", "complete" ) diff --git a/pyanaconda/packages.py b/pyanaconda/packages.py index 9a145b971..907c9f0f0 100644 --- a/pyanaconda/packages.py +++ b/pyanaconda/packages.py @@ -176,47 +176,6 @@ def setupTimezone(anaconda): except RuntimeError: log.error("Failed to set clock") - -# FIXME: this is a huge gross hack. hard coded list of files -# created by anaconda so that we can not be killed by selinux -def setFileCons(anaconda): - def contextCB(arg, directory, files): - for file in files: - path = os.path.join(directory, file) - - if not os.access(path, os.R_OK): - log.warning("%s doesn't exist" % path) - continue - - # If the path begins with rootPath, matchPathCon will never match - # anything because policy doesn't contain that path. - if path.startswith(ROOT_PATH): - path = path.replace(ROOT_PATH, "") - - ret = isys.resetFileContext(path, ROOT_PATH) - - if flags.selinux: - log.info("setting SELinux contexts for anaconda created files") - - # Add "/mnt/sysimage" to the front of every path so the glob works. - # Then run glob on each element of the list and flatten it into a - # single list we can run contextCB across. - files = itertools.chain(*map(lambda f: glob.glob("%s%s" % (ROOT_PATH, f)), - relabelFiles)) - contextCB(None, "", files) - - for dir in relabelDirs + ["/dev/%s" % vg.name for vg in anaconda.storage.vgs]: - # Add "/mnt/sysimage" for similar reasons to above. - dir = "%s%s" % (ROOT_PATH, dir) - - os.path.walk(dir, contextCB, None) - - # os.path.walk won't include the directory we start walking at, - # so that needs its context set separtely. - contextCB(None, "", [dir]) - - return - # FIXME: using rpm directly here is kind of lame, but in the yum backend # we don't want to use the metadata as the info we need would require # the filelists. and since we only ever call this after an install is |