commit: 75ab523cbe42a4c529649fcc474b87362d070079 Author: Rahul Sandhu <nvraxn <AT> gmail <DOT> com> AuthorDate: Wed Jan 7 23:55:41 2026 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Thu Jan 8 00:37:38 2026 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=75ab523c
selinux-policy-2.eclass: prefix glob in call to semodule with `./` Prevent the glob from accidently being treated as command arguments per ShellCheck lint SC2035[1]. We can't use the usual `--` here when in the argument list to semodule as semodule doesn't interpret `--` correctly: rsandhu <AT> sierra ~ $ doas semodule -i -- foo.cil libsemanage.map_compressed_file: Unable to open --. (No such file or directory). libsemanage.semanage_direct_install_file: Unable to read file --. (No such file or directory). semodule: Failed on --! [1] https://www.shellcheck.net/wiki/SC2035 Signed-off-by: Rahul Sandhu <nvraxn <AT> gmail.com> Signed-off-by: Sam James <sam <AT> gentoo.org> eclass/selinux-policy-2.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eclass/selinux-policy-2.eclass b/eclass/selinux-policy-2.eclass index be83f1d8febf..265ac4bae1fe 100644 --- a/eclass/selinux-policy-2.eclass +++ b/eclass/selinux-policy-2.eclass @@ -353,7 +353,7 @@ selinux-policy-2_pkg_postinst() { if [[ $? -ne 0 ]]; then ewarn "SELinux module load failed. Trying full reload..."; - semodule ${root_opts} -s ${1} -i *.pp + semodule ${root_opts} -s ${1} -i ./*.pp if [[ $? -ne 0 ]]; then ewarn "Failed to reload SELinux policies."
