1 files changed, 20 insertions, 15 deletions
diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
index 507cd08e..5016f6e7 100644
--- a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
+++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
@@ -5,25 +5,34 @@ Subject: [PATCH] selinux: drop selinux support
 Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
 ---
- src/systemdhook.c | 9 ---------
+ src/systemdhook.c |   12 ------------
- 1 file changed, 9 deletions(-)
+ 1 file changed, 12 deletions(-)
-diff --git a/src/systemdhook.c b/src/systemdhook.c
-index 274e5b910699..b9e8f1be376a 100644
 --- a/src/systemdhook.c
 +++ b/src/systemdhook.c
-@@ -14,7 +14,6 @@
+@@ -16,7 +16,6 @@
 #include <errno.h>
 #include <inttypes.h>
 #include <linux/limits.h>
 -#include <selinux/selinux.h>
 #include <yajl/yajl_tree.h>
+ #include <stdbool.h>
 
- #include "config.h"
+@@ -129,9 +128,6 @@ static int chperm(const char *path, cons
-@@ -538,14 +537,6 @@ static int prestart(const char *rootfs,
+                                closedir(dir);
+                                return -1;
                        }
-                }
+-                       if (setfilecon (full_path, label) < 0) {
+-                               pr_perror("Failed to set context %s on %s", label, full_path);
+-                       }
 
+                        if (doChown) {
+                                /* Change uid and gid to something the container can handle */
+@@ -496,14 +492,6 @@ static int prestart(const char *rootfs,
+                                return -1;
+                        }
+                }
+-
 -               if (strcmp("", mount_label)) {
 -                       rc = setfilecon(journal_dir, (security_context_t)mount_label);
 -                       if (rc < 0) {
@@ -31,10 +40,6 @@ index 274e5b910699..b9e8f1be376a 100644
 -                               return -1;
 -                       }
 -               }
-
+ 
-                if (makepath(cont_journal_dir, 0755) == -1) {
+                /* Attempt to creare /var/log/journal inside of rootfs,
-                        if (errno != EEXIST) {
+                   if successful, or directory exists, mount tmpfs on top of
-                                pr_perror("Failed to mkdir container journal dir: %s", cont_journal_dir);
-- 
-2.4.0.53.g8440f74

diff --git a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch index 507cd08e..5016f6e7 100644 --- a/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch +++ b/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
@@ -5,25 +5,34 @@ Subject: [PATCH] selinux: drop selinux support
5		5
6	Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>	6	Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
7	---	7	---
8	src/systemdhook.c \| 9 ---------	8	src/systemdhook.c \| 12 ------------
9	1 file changed, 9 deletions(-)	9	1 file changed, 12 deletions(-)
10		10
11	diff --git a/src/systemdhook.c b/src/systemdhook.c
12	index 274e5b910699..b9e8f1be376a 100644
13	--- a/src/systemdhook.c	11	--- a/src/systemdhook.c
14	+++ b/src/systemdhook.c	12	+++ b/src/systemdhook.c
15	@@ -14,7 +14,6 @@	13	@@ -16,7 +16,6 @@
16	#include <errno.h>	14	#include <errno.h>
17	#include <inttypes.h>	15	#include <inttypes.h>
18	#include <linux/limits.h>	16	#include <linux/limits.h>
19	-#include <selinux/selinux.h>	17	-#include <selinux/selinux.h>
20	#include <yajl/yajl_tree.h>	18	#include <yajl/yajl_tree.h>
		19	#include <stdbool.h>
21		20
22	#include "config.h"	21	@@ -129,9 +128,6 @@ static int chperm(const char *path, cons
23	@@ -538,14 +537,6 @@ static int prestart(const char *rootfs,	22	closedir(dir);
		23	return -1;
24	}	24	}
25	}	25	- if (setfilecon (full_path, label) < 0) {
		26	- pr_perror("Failed to set context %s on %s", label, full_path);
		27	- }
26		28
		29	if (doChown) {
		30	/* Change uid and gid to something the container can handle */
		31	@@ -496,14 +492,6 @@ static int prestart(const char *rootfs,
		32	return -1;
		33	}
		34	}
		35	-
27	- if (strcmp("", mount_label)) {	36	- if (strcmp("", mount_label)) {
28	- rc = setfilecon(journal_dir, (security_context_t)mount_label);	37	- rc = setfilecon(journal_dir, (security_context_t)mount_label);
29	- if (rc < 0) {	38	- if (rc < 0) {
@@ -31,10 +40,6 @@ index 274e5b910699..b9e8f1be376a 100644
31	- return -1;	40	- return -1;
32	- }	41	- }
33	- }	42	- }
34	-	43
35	if (makepath(cont_journal_dir, 0755) == -1) {	44	/* Attempt to creare /var/log/journal inside of rootfs,
36	if (errno != EEXIST) {	45	if successful, or directory exists, mount tmpfs on top of
37	pr_perror("Failed to mkdir container journal dir: %s", cont_journal_dir);
38	--
39	2.4.0.53.g8440f74
40