From: Tomas Krizek Date: Mon, 12 Mar 2018 09:48:31 +0000 (+0100) Subject: rpm: don't turn off selinux X-Git-Tag: v2.2.0~11^2 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=1a3fa9d67d4dbbedd37831689a680330a430e542;p=thirdparty%2Fknot-resolver.git rpm: don't turn off selinux --- diff --git a/distro/rpm/knot-resolver.spec b/distro/rpm/knot-resolver.spec index 26b37b60e..5fbe65b49 100644 --- a/distro/rpm/knot-resolver.spec +++ b/distro/rpm/knot-resolver.spec @@ -77,12 +77,7 @@ a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, start a single kresd instance: -# systemctl start kresd@1.service - -If you run into issues with activation of the service or its sockets, either -update your selinux-policy package or turn off selinux (setenforce 0). -https://bugzilla.redhat.com/show_bug.cgi?id=1366968 -https://bugzilla.redhat.com/show_bug.cgi?id=1543049 +$ systemctl start kresd@1.service %package devel Summary: Development headers for Knot DNS Resolver @@ -159,7 +154,7 @@ install -m 0644 -p %{repodir}/systemd/kresd-tls.socket %{buildroot}%{_unitdir}/k mkdir -p %{buildroot}%{_tmpfilesdir} install -m 0644 -p %{repodir}/systemd/tmpfiles/knot-resolver.conf %{buildroot}%{_tmpfilesdir}/knot-resolver.conf mkdir -p %{buildroot}%{_rundir} -install -m 750 -d %{buildroot}%{_rundir}/knot-resolver +install -m 0750 -d %{buildroot}%{_rundir}/knot-resolver # install cache mkdir -p %{buildroot}%{_localstatedir}/cache diff --git a/distro/tests/knot-resolver-test.yaml b/distro/tests/knot-resolver-test.yaml index 63936aa9e..9f0a4c744 100644 --- a/distro/tests/knot-resolver-test.yaml +++ b/distro/tests/knot-resolver-test.yaml @@ -82,10 +82,10 @@ name: "{{ dig_package[ansible_distribution] }}" state: present - - name: turn off SELinux - selinux: - policy: targeted - state: permissive + - name: update selinux-policy + package: + name: selinux-policy + state: latest when: ansible_distribution in ['RedHat', 'Fedora'] - name: start kresd@1.service