Hi Stefano, On Thu, 2025-05-22 at 23:13 +0200, Stefano Brivio wrote:
The previous change introduces specific file contexts for /run/user/%{USERID}/netns and /run/user/%{USERID}/containers/networks/rootless-netns, but %selinux_relabel_post can't handle that, see comments for more details.
Add a separate restorecon(8) call for /run/user in the post-transaction scriptlet for the SELinux subpackage.
I've tested this out and can confirm that it works, thanks. Aside: what is the correct way to build passt rpms? "make pkgs" doesn't build the SELinux package, but I was eventually able to get the following to work: $ git archive --prefix=passt-$(git rev-parse @)/ @ > ./passt-$(git rev-parse @).tar $ xz passt-*.tar $ mv *.tar.xz contrib/fedora/ $ cd contrib/fedora/ $ rpkg local --outdir $(realpath .) Is there a way to do this without needing to manually create the .tar.xz archive first? Thanks, -- Max