[systemd/f21] don't reset selinux context during CHANGE events

Lukáš Nykrýn lnykryn at fedoraproject.org
Wed Oct 1 12:41:51 UTC 2014


commit 8bfd0a62fe65c504198639e661c944155a91016d
Author: Lukas Nykryn <lnykryn at redhat.com>
Date:   Wed Oct 1 14:05:41 2014 +0200

    don't reset selinux context during CHANGE events
    
    - add temporary workaround for #1147910
    
    Conflicts:
    	systemd.spec

 ...-default-selinux-label-only-at-add-events.patch |   25 ++++++++++++++++++++
 systemd.spec                                       |    9 ++++++-
 2 files changed, 33 insertions(+), 1 deletions(-)
---
diff --git a/0001-udev-set-default-selinux-label-only-at-add-events.patch b/0001-udev-set-default-selinux-label-only-at-add-events.patch
new file mode 100644
index 0000000..c730ee5
--- /dev/null
+++ b/0001-udev-set-default-selinux-label-only-at-add-events.patch
@@ -0,0 +1,25 @@
+From 9a1121532e361c23bc632acc81fa0767e937a507 Mon Sep 17 00:00:00 2001
+From: Federico Simoncelli <fsimonce at redhat.com>
+Date: Tue, 30 Sep 2014 13:01:49 +0000
+Subject: [PATCH] udev: set default selinux label only at "add" events
+
+---
+ src/udev/udev-node.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
+index d42af9a..ae117a0 100644
+--- a/src/udev/udev-node.c
++++ b/src/udev/udev-node.c
+@@ -314,7 +314,7 @@ static int node_permissions_apply(struct udev_device *dev, bool apply,
+                 }
+ 
+                 /* set the defaults */
+-                if (!selinux)
++                if (!selinux && streq(udev_device_get_action(dev), "add"))
+                         label_fix(devnode, true, false);
+                 if (!smack)
+                         smack_label_path(devnode, NULL);
+-- 
+1.8.3.1
+
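Review bot: The new condition in node_permissions_apply(), `if (!selinux && streq(udev_device_get_action(dev), "add"))`, gates only the SELinux default and leaves the `if (!smack)` branch below it unconditional, so the two label defaults now follow different rules on non-"add" events with nothing explaining why. The embedded patch has an empty commit body and the `/* set the defaults */` comment is unchanged; please add a sentence to one of them saying that the SELinux label is deliberately left alone after node creation, and reference the bug that motivates it. Two further things to confirm before merging: that udev_device_get_action(dev) cannot return NULL on this path, since its result is passed straight to streq(), and that it is an accepted trade-off that a node whose label is wrong after creation is no longer corrected by label_fix() on later events.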
diff --git a/systemd.spec b/systemd.spec
index 12f6347..295b869 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -16,7 +16,7 @@
 Name:           systemd
 Url:            http://www.freedesktop.org/wiki/Software/systemd
 Version:        215
-Release:        16%{?gitcommit:.git%{gitcommit}}%{?dist}
+Release:        17%{?gitcommit:.git%{gitcommit}}%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        A System and Service Manager
@@ -143,6 +143,9 @@ Patch0: 0001-resolved-Move-symlink-creation-from-tmpfiles-to-daem.patch
 # kernel-install patch for grubby, drop if grubby is obsolete
 Patch1000:      kernel-install-grubby.patch
 
+# temporary workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1147910
+Patch1001:      0001-udev-set-default-selinux-label-only-at-add-events.patch
+
 %global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
 
 BuildRequires:  libcap-devel
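Review bot: The comment above Patch1001 calls this a temporary workaround but gives no removal condition. State when the patch can be dropped (for example, once the linked bug is resolved one way or the other), the way the Patch1000 comment does with "drop if grubby is obsolete", so the workaround does not outlive its reason.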
@@ -892,6 +895,10 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
 %{_datadir}/systemd/gatewayd
 
 %changelog
+* Wed Oct 01 2014 Lukáš Nykrýn <lnykryn at redhat.com> - 215-17
+- add temporary workaround for #1147910
+- don't reset selinux context during CHANGE events
+
 * Wed Sep 10 2014 Michal Schmidt <mschmidt at redhat.com> - 215-16
 - Update timesyncd with patches to avoid hitting NTP pool too often.
 
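Review bot: The changelog line "don't reset selinux context during CHANGE events" is narrower than what the shipped patch does. The condition added in udev-node.c is streq(udev_device_get_action(dev), "add"), so the default label is skipped for every action other than "add", not only for "change". Reword the entry to match the patch's own subject, "set default selinux label only at add events", so anyone auditing device-node labelling from the changelog gets the real scope.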

