From ce671c04d8fe32be8df51afed37dffcd1cb50ae7 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Jan 15 2021 18:49:38 +0000 Subject: Update specfile to not verify md5/size/mtime for active store files The rpm-verify command reports changes for packaged files in the active store (/var/lib/selinux) which are changed on the selinux-policy-* packages updates. In order to pass the rpm verification process, the specfile option %verify(not md5 size mtime) for each of the affected files will prevent from reporting a failure in any of the rpm-verify subtests: - S file Size differs - 5 digest (formerly MD5 sum) differs - T mTime differs --- diff --git a/selinux-policy.spec b/selinux-policy.spec index e7040f8..e1aae3b 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -258,12 +258,12 @@ rm -f %{buildroot}%{_sharedstatedir}/selinux/%1/active/*.linked \ %{_datadir}/selinux/%1/modules-base.lst \ %{_datadir}/selinux/%1/modules-contrib.lst \ %{_datadir}/selinux/%1/nonbasemodules.lst \ -%{_sharedstatedir}/selinux/%1/active/commit_num \ -%{_sharedstatedir}/selinux/%1/active/users_extra \ -%{_sharedstatedir}/selinux/%1/active/homedir_template \ -%{_sharedstatedir}/selinux/%1/active/seusers \ -%{_sharedstatedir}/selinux/%1/active/file_contexts \ -%{_sharedstatedir}/selinux/%1/active/policy.kern \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/commit_num \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/users_extra \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/homedir_template \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/seusers \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/file_contexts \ +%verify(not md5 size mtime) %{_sharedstatedir}/selinux/%1/active/policy.kern \ %ghost %{_sharedstatedir}/selinux/%1/active/policy.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/seusers.linked \ %ghost %{_sharedstatedir}/selinux/%1/active/users_extra.linked \