prepare-root.sh: selinux permissive during build

This commit is contained in:
Harald Hoyer 2018-09-18 14:48:33 +02:00
parent 070545cf89
commit 1f91f12774

View file

@ -121,6 +121,7 @@ VERSION_ID="${RELEASEVER}.$(date -u +'%Y%m%d%H%M%S')"
OUTDIR=${OUTDIR:-"${CURDIR}/${NAME}-${VERSION_ID}"} OUTDIR=${OUTDIR:-"${CURDIR}/${NAME}-${VERSION_ID}"}
GPGKEY=${GPGKEY:-${NAME}.gpg} GPGKEY=${GPGKEY:-${NAME}.gpg}
REPOSD=${REPOSD:-/etc/yum.repos.d} REPOSD=${REPOSD:-/etc/yum.repos.d}
readonly OLD_SELINUX=$(getenforce)
[[ $TMPDIR ]] || TMPDIR=/var/tmp [[ $TMPDIR ]] || TMPDIR=/var/tmp
readonly TMPDIR="$(realpath -e "$TMPDIR")" readonly TMPDIR="$(realpath -e "$TMPDIR")"
@ -143,12 +144,15 @@ trap '
[[ -d "$i" ]] && mountpoint -q "$i" && umount "$i" [[ -d "$i" ]] && mountpoint -q "$i" && umount "$i"
done done
[[ $MY_TMPDIR ]] && rm -rf --one-file-system -- "$MY_TMPDIR" [[ $MY_TMPDIR ]] && rm -rf --one-file-system -- "$MY_TMPDIR"
setenforce $OLD_SELINUX
exit $ret; exit $ret;
' EXIT ' EXIT
# clean up after ourselves no matter how we die. # clean up after ourselves no matter how we die.
trap 'exit 1;' SIGINT trap 'exit 1;' SIGINT
setenforce 0
if ! [[ -f "${BASEDIR}"/linuxx64.efi.stub ]]; then if ! [[ -f "${BASEDIR}"/linuxx64.efi.stub ]]; then
cp /lib/systemd/boot/efi/linuxx64.efi.stub "${BASEDIR}"/linuxx64.efi.stub cp /lib/systemd/boot/efi/linuxx64.efi.stub "${BASEDIR}"/linuxx64.efi.stub
fi fi
@ -584,3 +588,4 @@ cat > "${OUTDIR%/*}/${NAME}-latest.json" <<EOF
EOF EOF
chown "$USER" "${OUTDIR%/*}/${NAME}-latest.json" chown "$USER" "${OUTDIR%/*}/${NAME}-latest.json"
setenforce $OLD_SELINUX