ca-hu left a comment (rpm-software-management/rpm#3967)
Would also work for me, the only drawbacks I see is that users would need to
set the `<<none>>` label as well as the additional rpm flag. Also all the
package managers on top of rpm would need to adapt as well.
But I see that this way it would be likely more transparent for the users.
So if you want, I can try to rewrite it into something like this:
If `--root --use-absolute-selinux-labels` is called, it would result in the
labels from the policy e.g. something like:
```
rpm --root /var/lib/machines/openqa1 --use-absolute-selinux-labels
```
^ would get `systemd_machined_var_lib_t`.
Without the flag the existing behaviour will be kept, which means on `--root`
it sets the labels as if the chroot dir was the topmost root directory and the
user would need to additionally add `<<none>>` to the policy.
What do you think?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3967#issuecomment-3920747542
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3967/[email protected]>
_______________________________________________
Rpm-maint mailing list
[email protected]
https://lists.rpm.org/mailman/listinfo/rpm-maint
