Fix CentOS image build failure when dib runs on system where audit disabled

Without this fix, building a CentOS image on Ubuntu where audit=0 is passed as a kernel boot parameter will lead to the following error: disk-image-create centos7 dhcp-all-interfaces cloud-init-nocloud \ devuser yum epel baremetal ... dib-run-parts Running tmpdir/hooks/cleanup.d/99-selinux-fixfiles-restore ... Error connecting to audit system. Change-Id: I229d9b72f88bffddca42da57f01c27e902427071
2018-04-07 14:36:59 +02:00 · 2018-04-07 14:36:59 +02:00 · 7566819139
parent b602c05551
commit 7566819139
1 changed files with 4 additions and 0 deletions
--- a/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore
+++ b/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore
@ -66,6 +66,10 @@ fi
 IFS='|' read -ra SPLIT_MOUNTS <<< "$DIB_MOUNTPOINTS"
 for MOUNTPOINT in "${SPLIT_MOUNTS[@]}"; do
    if [ "${MOUNTPOINT}" != "/tmp/in_target.d" ] && [ "${MOUNTPOINT}" != "/dev" ] && [ "${MOUNTPOINT}" != "/boot/efi" ]; then
+        if ! pgrep kauditd >/dev/null; then
+            echo "*** kauditd not found, suggesting auditing support is disabled in the host kernel. setfiles will fail without this, please enable and rebuild"
+            exit 1
+        fi
        sudo ${_runcon} chroot ${TARGET_ROOT} \
            /usr/sbin/setfiles -F ${_dash_m} \
            /etc/selinux/targeted/contexts/files/file_contexts ${MOUNTPOINT}