Remove the work around for bsc#1210690 and simplify code

Signed-off-by: David Cassany <dcassany@suse.com>
rancher · May 15, 2024 · f0d9cb3 · f0d9cb3
1 parent ad4adb2
commit f0d9cb3
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 54 deletions.
diff --git a/pkg/action/mount.go b/pkg/action/mount.go
@@ -433,30 +433,7 @@ func SelinuxRelabel(cfg *types.RunConfig, spec *types.MountSpec) error {
 		return err
 	}
 
-	return utils.ChrootedCallback(&cfg.Config, spec.Sysroot, nil, func() error {
-		if exists, _ := utils.Exists(cfg.Fs, constants.SELinuxTargetedContextFile); !exists {
-			cfg.Logger.Debug("Could not find selinux policy context file")
-			return nil
-		}
-
-		if !cfg.Runner.CommandExists("setfiles") {
-			cfg.Logger.Debug("Could not find selinux setfiles utility")
-			return nil
-		}
-
-		// Some extended attributes are lost on copy-up bsc#1210690.
-		// Workaround visit children first, then parents
-		cfg.Logger.Debugf("Running setfiles on depth-sorted files in %s chroot", spec.Sysroot)
-		for _, path := range paths {
-			out, err := cfg.Runner.Run("find", path, "-depth", "-exec", "setfiles", "-i", "-F", "-v", constants.SELinuxTargetedContextFile, "{}", "+")
-			cfg.Logger.Debugf("setfiles output: %s", string(out))
-			if err != nil {
-				cfg.Logger.Errorf("Error running setfiles in %s: %s", path, err.Error())
-				return err
-			}
-		}
-		return nil
-	})
+	return nil
 }
 
 func getRelabelPaths(cfg *types.RunConfig, spec *types.MountSpec) []string {

diff --git a/pkg/action/mount_test.go b/pkg/action/mount_test.go
@@ -276,7 +276,7 @@ var _ = Describe("Mount Action", func() {
 			exists, _ := utils.Exists(fs, constants.SELinuxRelabelDir)
 			Expect(exists).To(BeFalse())
 		})
-		It("writes persistent and ephemeral dirs to /run/systemd/extra-relabel.d/elemental.layout", func() {
+		It("writes persistent and ephemeral dirs to /run/systemd/extra-relabel.d/elemental.relabel", func() {
 			spec.SelinuxRelabel = true
 			Expect(utils.MkdirAll(cfg.Fs, filepath.Join(spec.Sysroot, "/some/path"), constants.DirPerm)).To(Succeed())
 
@@ -293,34 +293,5 @@ var _ = Describe("Mount Action", func() {
 			ok, _ := utils.Exists(cfg.Fs, filepath.Join(spec.Sysroot, "/some/path/", constants.SELinuxRelabelledFlag))
 			Expect(ok).To(BeTrue())
 		})
-		It("runs find with -exec setfiles in the new sysroot", func() {
-			spec.SelinuxRelabel = true
-
-			Expect(utils.MkdirAll(fs, "/sbin", constants.DirPerm)).To(Succeed())
-			Expect(utils.MkdirAll(fs, filepath.Dir(constants.SELinuxTargetedContextFile), constants.DirPerm)).To(Succeed())
-			Expect(fs.WriteFile(constants.SELinuxTargetedContextFile, []byte("/.*"), constants.FilePerm)).To(Succeed())
-			Expect(fs.WriteFile("/sbin/setfiles", []byte("#!/bin/bash"), 0755)).To(Succeed())
-
-			findCnt := 0
-			runner.SideEffect = func(cmd string, args ...string) ([]byte, error) {
-				switch cmd {
-				case "find":
-					findCnt += 1
-					Expect(args).To(ContainElement("/some/path"))
-					Expect(args).To(ContainElement("-depth"))
-					Expect(args).To(ContainElement("-exec"))
-					Expect(args).To(ContainElement("setfiles"))
-					return []byte{}, nil
-				default:
-					return []byte{}, nil
-				}
-			}
-
-			err := action.SelinuxRelabel(cfg, spec)
-			Expect(err).To(Succeed())
-
-			Expect(findCnt).To(Equal(1))
-			Expect(syscall.WasChrootCalledWith(spec.Sysroot)).To(BeTrue())
-		})
 	})
 })