From bacceba41d86d59982b3e48f6c4289afc074ec9b Mon Sep 17 00:00:00 2001
From: Pierre Riteau
Date: Fri, 5 Oct 2018 10:02:14 +0100
Subject: [PATCH] Fail build due to missing kauditd only when SELinux is enabled

With the check added in commit 7566819139e31c95038f9f1c39a2995d1fc93c17, diskimage-builder fails to build RPM-based images if kauditd is not running. However, this is only valid for environments where SELinux is enabled. If SELinux is disabled (which is identified by an empty _runcon variable), proceed with running setfiles.

Change-Id: I1b056f20a3a55f7333391207d9e1049d25ece041
Closes-Bug: #1779273
---
 .../elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore b/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore
index 3d259bdf2..0d0c9cad6 100755
--- a/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore
+++ b/diskimage_builder/elements/rpm-distro/cleanup.d/99-selinux-fixfiles-restore
@@ -66,8 +66,8 @@ fi
 IFS='|' read -ra SPLIT_MOUNTS <<< "$DIB_MOUNTPOINTS"
 for MOUNTPOINT in "${SPLIT_MOUNTS[@]}"; do
 if [ "${MOUNTPOINT}" != "/tmp/in_target.d" ] && [ "${MOUNTPOINT}" != "/dev" ] && [ "${MOUNTPOINT}" != "/boot/efi" ]; then
- if ! pgrep kauditd >/dev/null; then
- echo "*** kauditd not found, suggesting auditing support is disabled in the host kernel. setfiles will fail without this, please enable and rebuild"
+ if ! [ -z ${_runcon} ] && ! pgrep kauditd >/dev/null; then
+ echo "*** SELinux enabled and kauditd not found, suggesting auditing support is disabled in the host kernel. setfiles will fail without this, please enable and rebuild"
 exit 1
 fi
 sudo ${_runcon} chroot ${TARGET_ROOT} \
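Review bot: The new guard `! [ -z ${_runcon} ]` expands `_runcon` unquoted inside `[`, so its outcome depends on word splitting rather than on the value being empty or not. The assignment of `_runcon` is outside this hunk; if it holds a multi-word `runcon ...` prefix, `[` presumably exits with a usage error, and the branch is then taken only because `!` inverts that error status, while an error message lands in the build log. Since this condition decides whether a build on a host without audit support is stopped before setfiles runs, I would state it directly as `if [ -n "${_runcon}" ] && ! pgrep kauditd >/dev/null; then`. The enclosing `for` loop opens in this hunk but closes outside it.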