[Piuparts-commits] rev 174 - in trunk: . debian

Holger Levsen holger at alioth.debian.org
Sat Nov 29 00:42:08 UTC 2008 

Author: holger
Date: 2008-11-29 00:42:08 +0000 (Sat, 29 Nov 2008)
New Revision: 174

Modified:
   trunk/debian/changelog
   trunk/piuparts.py
Log:
Mount /selinux on systems where selinux is enabled. Thanks to Filippo
Giunchedi for the patch! (CLoses: 507171)

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2008-11-08 17:20:15 UTC (rev 173)
+++ trunk/debian/changelog	2008-11-29 00:42:08 UTC (rev 174)
@@ -1,3 +1,10 @@
+piuparts (0.34) UNRELEASED; urgency=low
+
+  * Mount /selinux on systems where selinux is enabled. Thanks to Filippo
+    Giunchedi for the patch! (CLoses: 507171)
+
+ -- Holger Levsen <holger at debian.org>  Sat, 29 Nov 2008 01:40:28 +0100
+
 piuparts (0.33) unstable; urgency=low
 
   * Added --bindmount option, thanks to Aníbal Monsalve Salaza for the patch. 

Modified: trunk/piuparts.py
===================================================================
--- trunk/piuparts.py	2008-11-08 17:20:15 UTC (rev 173)
+++ trunk/piuparts.py	2008-11-29 00:42:08 UTC (rev 174)
@@ -548,6 +548,7 @@
 
         self.configure_chroot()
         self.mount_proc()
+        self.mount_selinux()
         if settings.basetgz:
             self.run(["apt-get", "-yf", "upgrade"])
         self.minimize()
@@ -562,6 +563,7 @@
         """Remove a chroot and all its contents."""
         if not settings.keep_tmpdir and os.path.exists(self.name):
             self.unmount_proc()
+            self.unmount_selinux()
             shutil.rmtree(self.name)
             logging.debug("Removed directory tree at %s" % self.name)
 
@@ -864,6 +866,18 @@
                           indent_string(output))
             panic()
 
+
+    def mount_selinux(self):
+        if selinux_enabled():
+            run(["mkdir", "-p", self.relative("/selinux")])
+            run(["mount", "-t", "selinuxfs", "/selinux", self.relative("/selinux")])
+            logging.info("SElinux mounted into chroot")
+
+    def unmount_selinux(self):
+        if selinux_enabled():
+            run(["umount", self.relative("/selinux")])
+            logging.info("SElinux unmounted from chroot")
+
     def mount_proc(self):
         """Mount /proc inside chroot."""
         self.run(["mount", "-t", "proc", "proc", "/proc"])
@@ -1221,6 +1235,14 @@
     def mount_proc(self): pass
     def unmount_proc(self): pass
 
+def selinux_enabled(enabled_test="/usr/sbin/selinuxenabled"):
+    if os.access(enabled_test, os.X_OK):
+        retval, output = run([enabled_test])
+        if retval == 0:
+            return True
+        else:
+            return False
+
 def objects_are_different(pair1, pair2):
     """Are filesystem objects different based on their meta data?"""
     (m1, target1) = pair1

More information about the Piuparts-commits mailing list