From: Ondrej Lichtner <olichtne(a)redhat.com>
This patch relabels the lnst-slave executable to the unconfined_exec_t
type. This fixes our issues with lnst-slave, started by systemd, not
being able to properly use tcpdump and other netutils.
Signed-off-by: Ondrej Lichtner <olichtne(a)redhat.com>
---
lnst.spec | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/lnst.spec b/lnst.spec
index bf2de82..c314132 100644
--- a/lnst.spec
+++ b/lnst.spec
@@ -32,9 +32,9 @@ Requires: %{name} = %{version}-%{release}
%package slave
Summary: Linux Network Stack Test Slave Daemon
Requires: %{name} = %{version}-%{release}
-Requires(post): systemd
+Requires(post): systemd, policycoreutils-python
Requires(preun): systemd
-Requires(postun): systemd
+Requires(postun): systemd, policycoreutils-python
%description
Linux Network Stack Test is a tool useful for developing and performing
@@ -71,12 +71,15 @@ install -D -m 0644 dist/%{name}-slave.service
%{buildroot}/%{_unitdir}/%{name}-s
%py_ocomp %{buildroot}%{python_sitelib}
%post slave
+semanage fcontext -a -t unconfined_exec_t -f f %{_bindir}/%{name}-slave
+restorecon -R %{_bindir}/%{name}-slave
%systemd_post lnst-slave.service
%preun slave
%systemd_preun lnst-slave.service
%postun slave
+semanage fcontext -d -t unconfined_exec_t -f f %{_bindir}/%{name}-slave
%systemd_postun_with_restart lnst-slave.service
%files
--
1.9.3