[cloud-init/f16] Consolidate selinux file context patches
gholms
gholms at fedoraproject.org
Tue Oct 4 19:22:10 UTC 2011
commit a2171c6d7bc909095ff772ff8dd007166407b8d5
Author: Garrett Holmstrom <gholms at fedoraproject.org>
Date: Wed Sep 28 15:46:10 2011 -0700
Consolidate selinux file context patches
cloud-init-0.6.2-filecontext.patch | 69 ++++++++++++++++++++++++++++++
cloud-init-0.6.2-puppetcontext.patch | 35 ---------------
cloud-init-0.6.2-puppetenable.patch | 6 +-
cloud-init-0.6.2-runparts-emptydir.patch | 2 +-
cloud-init-0.6.2-sshcontext.patch | 26 -----------
cloud-init-0.6.2-sshkeytypes.patch | 2 +-
cloud-init.spec | 12 +++---
7 files changed, 80 insertions(+), 72 deletions(-)
---
diff --git a/cloud-init-0.6.2-filecontext.patch b/cloud-init-0.6.2-filecontext.patch
new file mode 100644
index 0000000..42fe8c8
--- /dev/null
+++ b/cloud-init-0.6.2-filecontext.patch
@@ -0,0 +1,69 @@
+Index: cloud-init/cloudinit/SshUtil.py
+===================================================================
+--- cloud-init.orig/cloudinit/SshUtil.py
++++ cloud-init/cloudinit/SshUtil.py
+@@ -147,6 +147,7 @@ def setup_user_keys(keys, user, key_pref
+ util.write_file(authorized_keys, content, 0600)
+
+ os.chown(authorized_keys, pwent.pw_uid, pwent.pw_gid)
++ util.restorecon_if_possible(ssh_dir, recursive=True)
+
+ os.umask(saved_umask)
+
+Index: cloud-init/cloudinit/util.py
+===================================================================
+--- cloud-init.orig/cloudinit/util.py
++++ cloud-init/cloudinit/util.py
+@@ -28,6 +28,12 @@ import time
+ import traceback
+ import re
+
++try:
++ import selinux
++ HAVE_LIBSELINUX = True
++except ImportError:
++ HAVE_LIBSELINUX = False
++
+ def read_conf(fname):
+ try:
+ stream = open(fname,"r")
+@@ -113,6 +119,11 @@ def write_file(file,content,mode=0644,om
+ os.chmod(file,mode)
+ f.write(content)
+ f.close()
++ restorecon_if_possible(file)
++
++def restorecon_if_possible(path, recursive=False):
++ if HAVE_LIBSELINUX and selinux.is_selinux_enabled():
++ selinux.restorecon(path, recursive=recursive)
+
+ # get keyid from keyserver
+ def getkeybyid(keyid,keyserver):
+Index: cloud-init/cloudinit/CloudConfig/cc_puppet.py
+===================================================================
+--- cloud-init.orig/cloudinit/CloudConfig/cc_puppet.py
++++ cloud-init/cloudinit/CloudConfig/cc_puppet.py
+@@ -22,6 +22,7 @@ import subprocess
+ import StringIO
+ import ConfigParser
+ import cloudinit.CloudConfig as cc
++import cloudinit.util as util
+
+ def handle(name,cfg,cloud,log,args):
+ # If there isn't a puppet key in the configuration don't do anything
+@@ -58,6 +59,7 @@ def handle(name,cfg,cloud,log,args):
+ ca_fh.close()
+ os.chown('/var/lib/puppet/ssl/certs/ca.pem',
+ pwd.getpwnam('puppet').pw_uid, 0)
++ util.restorecon_if_possible('/var/lib/puppet', recursive=True)
+ else:
+ #puppet_conf_fh.write("\n[%s]\n" % (cfg_name))
+ # If puppet.conf already has this section we don't want to write it again
+@@ -81,6 +83,7 @@ def handle(name,cfg,cloud,log,args):
+ os.rename('/etc/puppet/puppet.conf','/etc/puppet/puppet.conf.old')
+ with open('/etc/puppet/puppet.conf', 'wb') as configfile:
+ puppet_config.write(configfile)
++ util.restorecon_if_possible('/etc/puppet/puppet.conf')
+ # Set puppet default file to automatically start
+ subprocess.check_call(['sed', '-i',
+ '-e', 's/^START=.*/START=yes/',
diff --git a/cloud-init-0.6.2-puppetenable.patch b/cloud-init-0.6.2-puppetenable.patch
index 0c39b69..655d71a 100644
--- a/cloud-init-0.6.2-puppetenable.patch
+++ b/cloud-init-0.6.2-puppetenable.patch
@@ -10,10 +10,10 @@ Index: cloud-init/cloudinit/CloudConfig/cc_puppet.py
import pwd
import socket
import subprocess
-@@ -91,10 +92,15 @@ def handle(name,cfg,cloud,log,args):
+@@ -84,10 +85,15 @@ def handle(name,cfg,cloud,log,args):
+ with open('/etc/puppet/puppet.conf', 'wb') as configfile:
puppet_config.write(configfile)
- if HAVE_LIBSELINUX and selinux.is_selinux_enabled():
- selinux.restorecon('/etc/puppet/puppet.conf')
+ util.restorecon_if_possible('/etc/puppet/puppet.conf')
- # Set puppet default file to automatically start
- subprocess.check_call(['sed', '-i',
- '-e', 's/^START=.*/START=yes/',
diff --git a/cloud-init-0.6.2-runparts-emptydir.patch b/cloud-init-0.6.2-runparts-emptydir.patch
index a6cf795..97eada3 100644
--- a/cloud-init-0.6.2-runparts-emptydir.patch
+++ b/cloud-init-0.6.2-runparts-emptydir.patch
@@ -2,7 +2,7 @@ Index: cloud-init/cloudinit/util.py
===================================================================
--- cloud-init.orig/cloudinit/util.py
+++ cloud-init/cloudinit/util.py
-@@ -133,7 +133,8 @@ def getkeybyid(keyid,keyserver):
+@@ -145,7 +145,8 @@ def getkeybyid(keyid,keyserver):
def runparts(dirp, skip_no_exist=True):
if skip_no_exist and not os.path.isdir(dirp): return
diff --git a/cloud-init-0.6.2-sshkeytypes.patch b/cloud-init-0.6.2-sshkeytypes.patch
index d3eaadc..f2abe09 100644
--- a/cloud-init-0.6.2-sshkeytypes.patch
+++ b/cloud-init-0.6.2-sshkeytypes.patch
@@ -21,7 +21,7 @@ Index: cloud-init/cloudinit/util.py
===================================================================
--- cloud-init.orig/cloudinit/util.py
+++ cloud-init/cloudinit/util.py
-@@ -77,6 +77,7 @@ def get_cfg_option_str(yobj, key, defaul
+@@ -84,6 +84,7 @@ def get_cfg_option_str(yobj, key, defaul
def get_cfg_option_list_or_str(yobj, key, default=None):
if not yobj.has_key(key): return default
diff --git a/cloud-init.spec b/cloud-init.spec
index c8c3e44..4ffd553 100644
--- a/cloud-init.spec
+++ b/cloud-init.spec
@@ -2,7 +2,7 @@
Name: cloud-init
Version: 0.6.2
-Release: 0.5.bzr457%{?dist}
+Release: 0.6.bzr457%{?dist}
Summary: Cloud instance init scripts
Group: System Environment/Base
@@ -19,14 +19,12 @@ Patch0: cloud-init-0.6.2-fedora.patch
# Add systemd support (not yet upstream)
Patch2: cloud-init-0.6.2-systemd.patch
-# Restore SSH files' selinux contexts (not yet upstream)
-Patch3: cloud-init-0.6.2-sshcontext.patch
+# Restore created files' selinux contexts (not yet upstream)
+Patch3: cloud-init-0.6.2-filecontext.patch
# Make locale file location configurable (not yet upstream)
Patch4: cloud-init-0.6.2-localefile.patch
# Write timezone data to /etc/sysconfig/clock (not yet upstream)
Patch5: cloud-init-0.6.2-tzsysconfig.patch
-# Restore puppet files' selinux contexts (not yet upstream)
-Patch6: cloud-init-0.6.2-puppetcontext.patch
# Make enabling the puppet service work on Fedora (not yet upstream)
Patch7: cloud-init-0.6.2-puppetenable.patch
# Make the types of SSH keys to generate configurable (not yet upstream)
@@ -70,7 +68,6 @@ ssh keys and to let the user run various scripts.
%patch3 -p1
%patch4 -p1
%patch5 -p1
-%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch10 -p1
@@ -155,6 +152,9 @@ fi
%changelog
+* Wed Sep 28 2011 Garrett Holmstrom <gholms at fedoraproject.org> - 0.6.2-0.6.bzr457
+- Consolidated selinux file context patches
+
* Sat Sep 24 2011 Garrett Holmstrom <gholms at fedoraproject.org> - 0.6.2-0.5.bzr457
- Rebased against upstream rev 457
- Added missing dependencies
More information about the scm-commits
mailing list