containers / container-selinux

SELinux policy files for Container Runtimes
GNU General Public License v2.0

Add support for `rpm --verify` #270

Open cjeanner opened 1 year ago

cjeanner commented 1 year ago

Hello,

This is a clone of a bugzilla and subsequent (public) jira.

It may happen that the package doesn't properly install due to some post-install script failures. rpm doesn't report it and exits with a "success", while it's actually a failure. In order to detect that, we have to manually check for a set of booleans and other things in a subsequent step.

We faced the same issue in openstack-selinux, and I added proper support there for `rpm --verify` that will loop on the installed modules/policies and ensure things are in place [1] (note there are some follow-ups - mostly non-root and permissive support).

We of course may be able to loop on the selected booleans and other content, but IMHO this should be an internal of the package, since the maintainers know best what to check for.

Note that the "--verify" is to be called after the package is installed, meaning it will not be affected by the fact most of the install is done in a "post-install" script.

Thank you for your support!

Cheers,

C.

[1] https://github.com/redhat-openstack/openstack-selinux/pull/93
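An added example, not code from container-selinux or the linked openstack-selinux PR, of what such a verify step could check: it parses `semodule -l` and `getsebool -a` output and fails if the container module is not loaded or a boolean is not at its expected value, so a `%verifyscript` built on it would not report success when the post-install step silently failed. The module name, the boolean names and their expected values are assumptions chosen for illustration.

```shell
# Added example, not code from container-selinux or the linked PR: checks of the
# kind an RPM %verifyscript could run so "rpm --verify" reports a policy that did
# not fully load. Module name and boolean values are assumptions for illustration.

# check_modules LISTING MODULE...   (LISTING = output of "semodule -l")
# Reports each module missing from the listing; returns 1 if any is missing.
check_modules() {
    listing=$1; shift; rc=0
    for m in "$@"; do
        if ! printf '%s\n' "$listing" | awk -v n="$m" '$1 == n { f=1 } END { exit !f }'; then
            echo "SELinux module not loaded: $m" >&2; rc=1
        fi
    done
    return $rc
}

# check_booleans LISTING NAME=VALUE...   (LISTING = output of "getsebool -a")
# Reports each boolean whose current value differs from VALUE; returns 1 if any does.
check_booleans() {
    listing=$1; shift; rc=0
    for spec in "$@"; do
        name=${spec%%=*}; want=${spec#*=}
        have=$(printf '%s\n' "$listing" | awk -v n="$name" '$1 == n { print $3 }')
        if [ "$have" != "$want" ]; then
            echo "boolean $name is '${have:-unset}', expected '$want'" >&2; rc=1
        fi
    done
    return $rc
}

# Constructed sample output standing in for "semodule -l" and "getsebool -a",
# so the checks can be exercised without a running SELinux system.
SAMPLE_MODULES='abrt
container
virt'
SAMPLE_BOOLS='container_connect_any --> off
container_manage_cgroup --> on
virt_sandbox_use_audit --> off'

# verify_policy MODULE_LISTING BOOL_LISTING: the combined check a %verifyscript
# would run as  verify_policy "$(semodule -l)" "$(getsebool -a)"  on the live host.
verify_policy() {
    check_modules "$1" container &&
        check_booleans "$2" container_connect_any=off container_manage_cgroup=on
}
```

Any check that fails prints what is wrong on stderr and returns non-zero, which is the signal a verify script should propagate instead of the %post exit status.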

rhatdan commented 1 year ago

Interested in opening a PR for this?

cjeanner commented 1 year ago

Once I'm out of my current hell of CI, maybe. I can try to find a moment for that - shouldn't be too hard hopefully (though I don't really know the code in here - if you have any pointers so that I can move faster... :) )

lsm5 commented 3 weeks ago

@cjeanner ping, are you still keen on adding this here?