Prevent the glob from accidently being treated as command arguments per ShellCheck lint SC2035[1]. We can't use the usual `--` here when in the argument list to semodule as semodule doesn't interpret `--` correctly:
rsandhu@sierra ~ $ doas semodule -i -- foo.cil libsemanage.map_compressed_file: Unable to open --. (No such file or directory). libsemanage.semanage_direct_install_file: Unable to read file --. (No such file or directory). semodule: Failed on --! [1] https://www.shellcheck.net/wiki/SC2035 Signed-off-by: Rahul Sandhu <[email protected]> --- eclass/selinux-policy-2.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eclass/selinux-policy-2.eclass b/eclass/selinux-policy-2.eclass index be83f1d8febf..265ac4bae1fe 100644 --- a/eclass/selinux-policy-2.eclass +++ b/eclass/selinux-policy-2.eclass @@ -353,7 +353,7 @@ selinux-policy-2_pkg_postinst() { if [[ $? -ne 0 ]]; then ewarn "SELinux module load failed. Trying full reload..."; - semodule ${root_opts} -s ${1} -i *.pp + semodule ${root_opts} -s ${1} -i ./*.pp if [[ $? -ne 0 ]]; then ewarn "Failed to reload SELinux policies." -- 2.50.1
