Bug 1320973

Summary: Current Rawhide Workstation live image does not reach GDM due to mislabelled /run/systemd/inhibit and /run/user/1000
Product: Red Hat Enterprise Linux 7 Reporter: Lukas Vrabec <lvrabec>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED DUPLICATE QA Contact: Dalibor Pospíšil <dapospis>
Severity: urgent Docs Contact:
Priority: high    
Version: 7.3CC: cra, dapospis, dominick.grift, dwalsh, extras-qa, jfrieben, johannbg, juliux.pigface, lnykryn, lvrabec, mgrepl, mmalik, msekleta, muadda, petersen, plautrba, pschindl, pvrabec, robatino, satellitgo, ssekidde, s, systemd-maint
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.13.1-68.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1314372 Environment:
Last Closed: 2016-09-27 12:26:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Lukas Vrabec 2016-03-24 11:43:37 UTC 
+++ This bug was initially created as a clone of Bug #1314372 +++

Currently, selinux-policy-* packages don't ship %{_sysconfdir}/selinux/%1/contexts/files/file_contexts.bin. This file is created during post install phase.

It would be useful to generate this file during build time and ship it in order to prevent cases like the one with Live workstation where selinux-policy-targeted is not installed, but only unpackaged. And since there's no .bin files,
file_contexts is parsed in selabel_open().

While it's not a fix for #1308771, it could prevent similar issues in other not-yet-discovered cases and make Live images and maybe even Atomic a little bit faster.

--- Additional comment from Lukas Vrabec on 2016-03-03 10:07:21 EST ---

commit bc10e3f4a04dbf4e88c4ad8634d6137590f62f1b
Author: Lukas Vrabec <lvrabec>
Date:   Thu Mar 3 15:18:10 2016 +0100

    Build file_contexts.bin file_context.local.bin file_context.homedir.bin during build phase. This fix issue in Fedora live images when selinux-policy-targeted is not installed but just unpackaged, since there's no .bin files, file_contexts is parsed in selabel_open(). Resolves: rhbz#1314372

--- Additional comment from Adam Williamson on 2016-03-08 14:07:43 EST ---

The fix worked, lives boot OK now. Thanks.
Comment 4 Dalibor Pospíšil 2016-09-27 12:26:15 UTC 

*** This bug has been marked as a duplicate of bug 1315779 ***