Catch 22 in epel7 for %selinux_requires

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

I maintain an selinux module package for el7, and recently came across
interesting macros [1] and in particular %selinux_requires that hides
the dirty detail and especially one that I missed when I set this up
back then.

Unfortunately, it appears to be provided by one of the packages it
BuildRequires itself:

> [vagrant@centos-7 ~]$ rpm --eval %selinux_requires
>
> Requires: selinux-policy >= 3.13.1-229.el7_6.9
> BuildRequires: git
> BuildRequires: pkgconfig(systemd)
> BuildRequires: selinux-policy
> BuildRequires: selinux-policy-devel
> Requires(post): selinux-policy-base >= 3.13.1-229.el7_6.9
> Requires(post): libselinux-utils
> Requires(post): policycoreutils
> %if 0
> Requires(post): policycoreutils-python-utils
> %else
> Requires(post): policycoreutils-python
> %endif
>
> [vagrant@centos-7 ~]$ grep selinux_requires /usr/lib/rpm/macros.d/macros.selinux-policy
> # %selinux_requires
> %selinux_requires \
> [vagrant@centos-7 ~]$ rpm -qf /usr/lib/rpm/macros.d/macros.selinux-policy
> selinux-policy-3.13.1-229.el7_6.9.noarch

So when I try to build this in mock with the default build root I get
this error:

> error: line 99: Unknown tag: %selinux_requires

I noticed that mock runs with SELinux disabled:

> Start: init plugins
> INFO: selinux disabled
> Finish: init plugins

So I don't know whether it would be a problem to add it to the build root.

What should be the way forward?

a) can it be added to the default build root?
b) should it be shipped by a different package part of the default build root?
c) can I add it to the build root during the --buildsrpm execution?

If anything, I'd like to 1) avoid forking the default epel7 configuration
and 2) manually expand the macro in my spec, although this is what I'm
leaning towards right now. The simple reason being that I have an up
to date mock on f29 but other parties involved my be running an ancient
mock on other systems... Unless solution b lands in epel7, in which case
I'm not sure which package should own the macros and get the bug report.

Thanks,
Dridi

[1] https://github.com/fedora-selinux/selinux-policy-macros/
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux