Bug 2042149

Summary: selinux needs to accommodate /usr/lib/sysimage/rpm
Product: [Fedora] Fedora Reporter: Chris Murphy <bugzilla>
Component: selinux-policyAssignee: Zdenek Pytela <zpytela>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dwalsh, grepl.miroslav, lvrabec, mmalik, ngompa13, omosnace, pkoncity, vmojzis, zpytela
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-02-04 08:48:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2042099    

Description Chris Murphy 2022-01-18 21:14:37 UTC 
Relocate RPM database to /usr/lib/sysimage/rpm
https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr#Scope

Currently on Fedora 35
/usr/lib/sysimage
drwxr-xr-x. 1 root root system_u:object_r:usr_t:s0                0 Jul 21 17:47 sysimage

/var/lib/rpm
drwxr-xr-x. 1 root    root    system_u:object_r:rpm_var_lib_t:s0               106 Jan 14 05:50 rpm

I'm not sure what label /usr/lib/sysimage should be, but rpm inside it probably should have system_u:object_r:rpm_var_lib_t:s0
Comment 1 Neal Gompa 2022-01-28 16:42:19 UTC 
Upstream pull request: https://github.com/fedora-selinux/selinux-policy/pull/1033
Comment 2 Neal Gompa 2022-01-28 18:22:59 UTC 
Zdenek, can you please review+merge my PR and release it into Rawhide? Then I can build the new rpm with the rpmdb change...