diff --git a/0001-udev-set-default-selinux-label-only-at-add-events.patch b/0001-udev-set-default-selinux-label-only-at-add-events.patch new file mode 100644 index 0000000..c730ee5 --- /dev/null +++ b/0001-udev-set-default-selinux-label-only-at-add-events.patch @@ -0,0 +1,25 @@ +From 9a1121532e361c23bc632acc81fa0767e937a507 Mon Sep 17 00:00:00 2001 +From: Federico Simoncelli +Date: Tue, 30 Sep 2014 13:01:49 +0000 +Subject: [PATCH] udev: set default selinux label only at "add" events + +--- + src/udev/udev-node.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index d42af9a..ae117a0 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -314,7 +314,7 @@ static int node_permissions_apply(struct udev_device *dev, bool apply, + } + + /* set the defaults */ +- if (!selinux) ++ if (!selinux && streq(udev_device_get_action(dev), "add")) + label_fix(devnode, true, false); + if (!smack) + smack_label_path(devnode, NULL); +-- +1.8.3.1 + diff --git a/systemd.spec b/systemd.spec index 87fde84..a6909ea 100644 --- a/systemd.spec +++ b/systemd.spec @@ -16,7 +16,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 216 -Release: 6%{?gitcommit:.git%{gitcommit}}%{?dist} +Release: 7%{?gitcommit:.git%{gitcommit}}%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: A System and Service Manager @@ -58,6 +58,9 @@ Patch0011: 0011-Revert-timesyncd-remove-retry_timer-logic-which-is-c.patch # kernel-install patch for grubby, drop if grubby is obsolete Patch1000: kernel-install-grubby.patch +# temporary workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1147910 +Patch1001: 0001-udev-set-default-selinux-label-only-at-add-events.patch + %global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} BuildRequires: libcap-devel @@ -814,6 +817,10 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd %{_datadir}/systemd/gatewayd %changelog +* Wed Oct 01 2014 Lukáš Nykrýn - 216-7 +- add temporary workaround for #1147910 +- don't reset selinux context during CHANGE events + * Wed Sep 10 2014 Michal Schmidt - 216-6 - Update timesyncd with patches to avoid hitting NTP pool too often.