The nwfilter XMLs in /etc are defined as %ghost in the spec file, which means rpm will not install them, but it will record its existence and permissions in the database. During installation the files are copied in a %post scriptlet from /usr/share/libvirt/nwfilter, but once libvirtd is restarted, it will rewrite the files to add generated UUIDs. While RPM recorded 644 mode for the XMLs, libvirt saves them with 600 and thus any future attempt to verify the libvirt-daemon-config-nwfilter package would fail. We need to tell RPM the ghost files are supposed to have 600 permissions. https://bugzilla.redhat.com/show_bug.cgi?id=1559284 Signed-off-by: Jiri Denemark <jdenemar@xxxxxxxxxx> --- libvirt.spec.in | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index 5e1e1df3f0..17d5d4dff7 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1369,6 +1369,8 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/libvirt/nwfilter/ cp -a $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter/*.xml \ $RPM_BUILD_ROOT%{_datadir}/libvirt/nwfilter/ +# libvirt saves these files with mode 600 +chmod 600 $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter/*.xml # Strip auto-generated UUID - we need it generated per-install sed -i -e "/<uuid>/d" $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml -- 2.17.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
