Daniel Brooks <db...@db48x.net> writes: > It should instead include the guix-daemon.cil file which was built from > it. The .in file has unsubstituted variabels in it which make it useless > as an SELinux policy.
Actually I think both should be included. The processed file will work for 99% of users, and the template is needed for the 1% that use a different store directory. @Ludo: WDYT about the attached patch for version-1.2.0?
From 8b77d853a4c9503df61fb75190d562206d1de1d2 Mon Sep 17 00:00:00 2001 From: Marius Bakke <mar...@gnu.org> Date: Sun, 15 Nov 2020 15:56:04 +0100 Subject: [PATCH] maint: Install the processed SELinux policy file in addition to the template. This fixes <https://bugs.gnu.org/44649>. Reported by Daniel Brooks <db...@db48x.net>. * Makefile.am (dist_selinux_policy_DATA): New target. --- Makefile.am | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am index 5b84d74f08..4c061db3ca 100644 --- a/Makefile.am +++ b/Makefile.am @@ -561,8 +561,10 @@ dist_zshcompletion_DATA = etc/completion/zsh/_guix # Fish completion file. dist_fishcompletion_DATA = etc/completion/fish/guix.fish -# SELinux policy +# SELinux policy. Install both the template and the compiled version so +# it works "out of the box", but can be rebuilt as necessary. nodist_selinux_policy_DATA = etc/guix-daemon.cil.in +dist_selinux_policy_DATA = etc/guix-daemon.cil EXTRA_DIST += \ HACKING \ -- 2.29.2
signature.asc
Description: PGP signature
