GNU bug report logs - #44649
1.2.0rc0 tarball includes guix-daemon.cil.in

Previous Next

Package: guix;

Reported by: Daniel Brooks <db48x <at> db48x.net>

Date: Sun, 15 Nov 2020 00:52:01 UTC

Severity: normal

Found in version 1.2.0

Done: Marius Bakke <marius <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Marius Bakke <marius <at> gnu.org>
To: Daniel Brooks <db48x <at> db48x.net>, 44649 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: bug#44649: 1.2.0rc0 tarball includes guix-daemon.cil.in
Date: Sun, 15 Nov 2020 15:56:52 +0100

[Message part 1 (text/plain, inline)]
Daniel Brooks <db48x <at> db48x.net> writes:

> It should instead include the guix-daemon.cil file which was built from
> it. The .in file has unsubstituted variabels in it which make it useless
> as an SELinux policy.

Actually I think both should be included.  The processed file will work
for 99% of users, and the template is needed for the 1% that use a
different store directory.

@Ludo: WDYT about the attached patch for version-1.2.0?


[0001-maint-Install-the-processed-SELinux-policy-file-in-a.patch (text/x-patch, inline)]
From 8b77d853a4c9503df61fb75190d562206d1de1d2 Mon Sep 17 00:00:00 2001
From: Marius Bakke <marius <at> gnu.org>
Date: Sun, 15 Nov 2020 15:56:04 +0100
Subject: [PATCH] maint: Install the processed SELinux policy file in addition
 to the template.

This fixes <https://bugs.gnu.org/44649>.
Reported by Daniel Brooks <db48x <at> db48x.net>.

* Makefile.am (dist_selinux_policy_DATA): New target.
---
 Makefile.am | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index 5b84d74f08..4c061db3ca 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -561,8 +561,10 @@ dist_zshcompletion_DATA = etc/completion/zsh/_guix
 # Fish completion file.
 dist_fishcompletion_DATA = etc/completion/fish/guix.fish
 
-# SELinux policy
+# SELinux policy.  Install both the template and the compiled version so
+# it works "out of the box", but can be rebuilt as necessary.
 nodist_selinux_policy_DATA = etc/guix-daemon.cil.in
+dist_selinux_policy_DATA = etc/guix-daemon.cil
 
 EXTRA_DIST +=						\
   HACKING						\
-- 
2.29.2


[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 4 years and 185 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.