On 12/13/2012 06:01 AM, Rob Crittenden wrote:
We don't currently include the ca_serialno file in our spec file. This
can generate an SELinux warning upon fresh install because we try to set
context on a non-existent file.

This creates an empty file on rpm install so the file can be owned by
the spec.

I also updated the selfsign serial number code to deal with an existing
but empty file.


I couldn't reproduce the error, but I noticed you've left out the percent sign in %attr:

--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -660,6 +662,7 @@ fi
  %attr(755,root,root) %{plugin_dir}/libipa_cldap.so
  %attr(755,root,root) %{plugin_dir}/libipa_range_check.so
  %dir %{_localstatedir}/lib/ipa
+attr(600,root,root) %config(noreplace) %{_localstatedir}/lib/ipa/ca_serialno

RPM build errors:
    File must begin with "/": attr(600,root,root)


Freeipa-devel mailing list

Reply via email to