From 7e476e5f7c7f4fefa8f4d93c6d3b5960ae3c40ea Mon Sep 17 00:00:00 2001
From: Martin Pitt <martin@piware.de>
Date: Sat, 2 Nov 2019 10:28:11 +0100
Subject: [PATCH 1/1] build-devtoolbox: Work around broken SELinux in toolbox
 containers

Install selinux-policy first and remove all of its files, to force
SELinux to be inert in the container. This unbreaks the subsequent `dnf
builddep cockpit` which drags in selinux-policy as a dependency, causes
long hangs, tons of lsetfilecon errors, and eventually lots of package
install failures.

See https://bugzilla.redhat.com/show_bug.cgi?id=1768075
---
 build-devtoolbox | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/build-devtoolbox b/build-devtoolbox
index fe019d1..047b834 100755
--- a/build-devtoolbox
+++ b/build-devtoolbox
@@ -27,6 +27,10 @@ sudo update-ca-trust
 # HACK: no rcm-tools for F31 yet
 sudo sed -i "s/\$releasever/30/" /etc/yum.repos.d/rcm-tools-fedora.repo
 
+# HACK: installing selinux-policy (through transitive builddep cockpit dep) breaks toolbox; https://bugzilla.redhat.com/show_bug.cgi?id=1768075
+sudo dnf install -y selinux-policy
+rpm -ql selinux-policy | sudo xargs rm -f || true
+
 sudo dnf builddep -y cockpit
 sudo dnf install -y make npm fontconfig git valgrind chromium \
     libvirt-daemon-kvm libvirt-client python3-libvirt \
-- 
2.39.2