[node-patches] Change in ovirt-node[master]: edit-node: set selinux permissive during yum installations

jboggs at redhat.com jboggs at redhat.com
Mon Mar 11 21:06:01 UTC 2013 

Joey Boggs has uploaded a new change for review.

Change subject: edit-node: set selinux permissive during yum installations
......................................................................

edit-node: set selinux permissive during yum installations

rhbz#853435

Change-Id: I6d6ca125c76feefccfeffd6acb40c923767cc90d
Signed-off-by: Joey Boggs <jboggs at redhat.com>
---
M ovirt-node.spec.in
M tools/edit-node
2 files changed, 10 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/50/12950/1

diff --git a/ovirt-node.spec.in b/ovirt-node.spec.in
index 59fe1cc..f76be12 100644
--- a/ovirt-node.spec.in
+++ b/ovirt-node.spec.in
@@ -98,6 +98,7 @@
 Group:          Applications/System
 Requires:       livecd-tools >= 1:16.0
 Requires:       appliance-tools-minimizer
+Requires:       libselinux-python
 
 %define tools_root %{_datadir}/ovirt-node-tools
 
diff --git a/tools/edit-node b/tools/edit-node
index fb96c7d..b4ecb16 100755
--- a/tools/edit-node
+++ b/tools/edit-node
@@ -29,6 +29,7 @@
 import logging
 import rpm
 import glob
+import selinux
 from time import strftime as date
 from subprocess import PIPE, STDOUT
 from imgcreate.debug import *
@@ -1458,6 +1459,11 @@
             if options.script:
                 print "Running edit script '%s'" % options.script
                 editor._run_script(options.script)
+            selinux_enforcing = None
+            if selinux.security_getenforce():
+                print "Setting SELinux Permissive During Yum Install"
+                selinux_enforcing = True
+                selinux.security_setenforce(0)
             if options.install:
                 print "Installing Packages"
                 if not editor._install_pkgs(options):
@@ -1474,6 +1480,9 @@
                     editor.unmount()
                     logging.error("Error Installing Drive Update Package : %s" % options.install_dup)
                     return 1
+            if selinux_enforcing:
+               print "Returning SELinux To Enforcing"
+               selinux.security_setenforce(1)
             if not options.password is None:
                 print "Setting Account Passwords"
                 editor._set_password(options)


--
To view, visit http://gerrit.ovirt.org/12950
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I6d6ca125c76feefccfeffd6acb40c923767cc90d
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Joey Boggs <jboggs at redhat.com>

More information about the node-patches mailing list