From: Martin Pitt <martin@piware.de>
Date: Sat, 2 Nov 2019 09:28:11 +0000 (+0100)
Subject: build-devtoolbox: Work around broken SELinux in toolbox containers
X-Git-Url: https://piware.de/gitweb/?p=bin.git;a=commitdiff_plain;h=7e476e5f7c7f4fefa8f4d93c6d3b5960ae3c40ea

build-devtoolbox: Work around broken SELinux in toolbox containers

Install selinux-policy first and remove all of its files, to force
SELinux to be inert in the container. This unbreaks the subsequent `dnf
builddep cockpit` which drags in selinux-policy as a dependency, causes
long hangs, tons of lsetfilecon errors, and eventually lots of package
install failures.

See https://bugzilla.redhat.com/show_bug.cgi?id=1768075
---

diff --git a/build-devtoolbox b/build-devtoolbox
index fe019d1..047b834 100755
--- a/build-devtoolbox
+++ b/build-devtoolbox
@@ -27,6 +27,10 @@ sudo update-ca-trust
 # HACK: no rcm-tools for F31 yet
 sudo sed -i "s/\$releasever/30/" /etc/yum.repos.d/rcm-tools-fedora.repo
 
+# HACK: installing selinux-policy (through transitive builddep cockpit dep) breaks toolbox; https://bugzilla.redhat.com/show_bug.cgi?id=1768075
+sudo dnf install -y selinux-policy
+rpm -ql selinux-policy | sudo xargs rm -f || true
+
 sudo dnf builddep -y cockpit
 sudo dnf install -y make npm fontconfig git valgrind chromium \
     libvirt-daemon-kvm libvirt-client python3-libvirt \