guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/09: guix-install.sh: Install SELinux policy and relabel file systems

From: guix-commits
Subject: 02/09: guix-install.sh: Install SELinux policy and relabel file systems if needed.
Date: Thu, 25 May 2023 06:52:51 -0400 (EDT) 
civodul pushed a commit to branch master
in repository guix.

commit 4166b583fb05728e481759f3db733ea85e165ccf
Author: Ludovic Courtès <ludovic.courtes@inria.fr>
AuthorDate: Thu May 25 11:41:23 2023 +0200

    guix-install.sh: Install SELinux policy and relabel file systems if needed.
    
    Fixes <https://issues.guix.gnu.org/62487>.
    
    * etc/guix-install.sh (sys_maybe_setup_selinux): New function.
    (main): Use it.
---
 etc/guix-install.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index e81da7ae71..5012db55dd 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -606,6 +606,19 @@ fi
     _msg "${PAS}Bash shell prompt successfully customized for Guix"
 }
 
+sys_maybe_setup_selinux()
+{
+    if [ -f /sys/fs/selinux/policy ]
+    then
+       prompt_yes_no "Install SELinux policy required to run guix-daemon?" \
+           || return
+
+       local var_guix=/var/guix/profiles/per-user/root/current-guix
+       semodule -i "${var_guix}/share/selinux/guix-daemon.cil"
+       restorecon -R /gnu /var/guix
+    fi
+}
+
 welcome()
 {
     local char
@@ -681,6 +694,7 @@ main()
 
     sys_create_store "${GUIX_BINARY_FILE_NAME}" "${tmp_path}"
     sys_create_build_user
+    sys_maybe_setup_selinux
     sys_enable_guix_daemon
     sys_authorize_build_farms
     sys_create_init_profile
reply via email to
[Prev in Thread] Current Thread [Next in Thread]