particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

distro/rhel85: document selinuxStageOptions arg

Browse source 
Renamed the argument to have clearer (and correct) meaning and added a
function docstring to describe the purpose.

The argument is set to 'true' in the build pipeline.
This commit is contained in:
Achilleas Koutsou 2021-07-05 17:47:21 +02:00 committed by Ondřej Budai
parent 708de084aa
commit 39371b01ba
2 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/distro/rhel85/pipelines.go
View file

@ -166,7 +166,7 @@ func buildPipeline(repos []rpmmd.RepoConfig, buildPackageSpecs []rpmmd.PackageSp
p.Name = "build"
p.Runner = "org.osbuild.rhel85"
p.AddStage(osbuild.NewRPMStage(rpmStageOptions(repos), rpmStageInputs(buildPackageSpecs)))
p.AddStage(osbuild.NewSELinuxStage(selinuxStageOptions(false)))
p.AddStage(osbuild.NewSELinuxStage(selinuxStageOptions(true)))
return p
}

8
internal/distro/rhel85/stage_options.go
View file

@ -34,12 +34,14 @@ func rpmStageOptions(repos []rpmmd.RepoConfig) *osbuild.RPMStageOptions {
}
}
func selinuxStageOptions(bootISO bool) *osbuild.SELinuxStageOptions {
// selinuxStageOptions returns the options for the org.osbuild.selinux stage.
// Setting the argument to 'true' relabels the '/usr/bin/cp' and '/usr/bin/tar'
// binaries with 'install_exec_t'. This should be set in the build root.
func selinuxStageOptions(labelcp bool) *osbuild.SELinuxStageOptions {
options := &osbuild.SELinuxStageOptions{
FileContexts: "etc/selinux/targeted/contexts/files/file_contexts",
}
if bootISO {
if labelcp {
options.Labels = map[string]string{
"/usr/bin/cp": "system_u:object_r:install_exec_t:s0",
"/usr/bin/tar": "system_u:object_r:install_exec_t:s0",