bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#44649: 1.2.0rc0 tarball includes guix-daemon.cil.in

From: Marius Bakke
Subject: bug#44649: 1.2.0rc0 tarball includes guix-daemon.cil.in
Date: Sun, 15 Nov 2020 15:56:52 +0100 
Daniel Brooks <db48x@db48x.net> writes:

> It should instead include the guix-daemon.cil file which was built from
> it. The .in file has unsubstituted variabels in it which make it useless
> as an SELinux policy.

Actually I think both should be included.  The processed file will work
for 99% of users, and the template is needed for the 1% that use a
different store directory.

@Ludo: WDYT about the attached patch for version-1.2.0?


From 8b77d853a4c9503df61fb75190d562206d1de1d2 Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius@gnu.org>
Date: Sun, 15 Nov 2020 15:56:04 +0100
Subject: [PATCH] maint: Install the processed SELinux policy file in addition
 to the template.

This fixes <https://bugs.gnu.org/44649>.
Reported by Daniel Brooks <db48x@db48x.net>.

* Makefile.am (dist_selinux_policy_DATA): New target.
---
 Makefile.am | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index 5b84d74f08..4c061db3ca 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -561,8 +561,10 @@ dist_zshcompletion_DATA = etc/completion/zsh/_guix
 # Fish completion file.
 dist_fishcompletion_DATA = etc/completion/fish/guix.fish
 
-# SELinux policy
+# SELinux policy.  Install both the template and the compiled version so
+# it works "out of the box", but can be rebuilt as necessary.
 nodist_selinux_policy_DATA = etc/guix-daemon.cil.in
+dist_selinux_policy_DATA = etc/guix-daemon.cil
 
 EXTRA_DIST +=                                          \
   HACKING                                              \
-- 
2.29.2

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]