mirror of
https://github.com/coreos/fedora-coreos-config.git
synced 2026-02-05 09:45:30 +01:00
24 lines
976 B
YAML
24 lines
976 B
YAML
# Recent changes in the SELinux policy have broken a lot of our code.
|
|
# Revert the affected domains back to permissive mode so we can
|
|
# continue to build and test `releasever >= 41` until
|
|
# https://github.com/fedora-selinux/selinux-policy/pull/2257 merges
|
|
# and the domains are reverted upstream or until the issue is resolved
|
|
# altogether
|
|
postprocess:
|
|
- |
|
|
#!/usr/bin/bash
|
|
set -eux -o pipefail
|
|
cat > /tmp/fcos-workarounds.cil << EOF
|
|
; https://bugzilla.redhat.com/show_bug.cgi?id=2300306
|
|
(typeattributeset cil_gen_require bootupd_t)
|
|
(typepermissive bootupd_t)
|
|
; https://bugzilla.redhat.com/show_bug.cgi?id=2305385
|
|
(typeattributeset cil_gen_require coreos_installer_t)
|
|
(typepermissive coreos_installer_t)
|
|
; https://bugzilla.redhat.com/show_bug.cgi?id=2306352
|
|
(typeattributeset cil_gen_require afterburn_t)
|
|
(typepermissive afterburn_t)
|
|
EOF
|
|
/usr/sbin/semodule -i /tmp/fcos-workarounds.cil
|
|
rm /tmp/fcos-workarounds.cil
|