freeipa-server-selinux was getting installed before freeipa-server which caused some SELinux contexts to not be set properly.

The existing Requires we had used to fix things, perhaps a change in rpm caused this to break, who knows. I'm not even sure when this stopped working.


I added an extra postun rule so that the server-selinux package is removed as a dependency when you do a yum erase freeipa-python.

rob
>From f17f96510a07b360e189b305b01536d3bfe21ee7 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcrit...@redhat.com>
Date: Thu, 15 Sep 2011 15:57:41 -0400
Subject: [PATCH] Change the Requires for the server and server-selinux for proper order

The server package needs to be installed before the server-selinux
package otherwise the SELinux contexts won't get set properly.

The (postun) is so you can continue to do yum erase freeipa-python
and it will pick up everything else.

https://fedorahosted.org/freeipa/ticket/1779
---
 freeipa.spec.in |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 940b009..d4f3ac6 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -84,7 +84,7 @@ Group: System Environment/Base
 Requires: %{name}-python = %{version}-%{release}
 Requires: %{name}-client = %{version}-%{release}
 Requires: %{name}-admintools = %{version}-%{release}
-Requires(post): %{name}-server-selinux = %{version}-%{release}
+Requires: %{name}-server-selinux = %{version}-%{release}
 Requires(pre): 389-ds-base >= 1.2.9.7-1
 Requires: openldap-clients
 Requires: nss
@@ -144,7 +144,8 @@ this package).
 %package server-selinux
 Summary: SELinux rules for freeipa-server daemons
 Group: System Environment/Base
-Requires: %{name}-server = %{version}-%{release}
+Requires(post): %{name}-server = %{version}-%{release}
+Requires(postun): %{name}-server = %{version}-%{release}
 Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
 
 Obsoletes: ipa-server-selinux >= 1.0
-- 
1.7.4

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to