From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1557750-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id E9525158089
	for <garchives@archives.gentoo.org>; Tue, 26 Sep 2023 20:54:17 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 06D572BC01B;
	Tue, 26 Sep 2023 20:54:17 +0000 (UTC)
Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id E6AF92BC01B
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Sep 2023 20:54:16 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 2DD65335CDF
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Sep 2023 20:54:16 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id A6DB51084
	for <gentoo-commits@lists.gentoo.org>; Tue, 26 Sep 2023 20:54:14 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1695761652.2034dc76fb15f1389c4e0c6c0ac1f2052e757b5e.sam@gentoo>
Subject: [gentoo-commits] proj/portage:master commit in: bin/
X-VCS-Repository: proj/portage
X-VCS-Files: bin/etc-update
X-VCS-Directories: bin/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: 2034dc76fb15f1389c4e0c6c0ac1f2052e757b5e
X-VCS-Branch: master
Date: Tue, 26 Sep 2023 20:54:14 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 7df75c06-d758-4ff3-b268-74401e8574ac
X-Archives-Hash: a5881e37a9c34087c9388792d97890be

commit:     2034dc76fb15f1389c4e0c6c0ac1f2052e757b5e
Author:     Kenton Groombridge <concord <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 21 14:31:27 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Sep 26 20:54:12 2023 +0000
URL:        https://gitweb.gentoo.org/proj/portage.git/commit/?id=2034dc76

etc-update: set SELinux security labels on merged files

For files merged with etc-update, also set their SELinux security labels.
Without this, merged files will have the type user_tmp_t and cause issues on
enforcing SELinux systems.

Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
Signed-off-by: Sam James <sam <AT> gentoo.org>

 bin/etc-update | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/etc-update b/bin/etc-update
index 97c1634203..274bc6f7be 100755
--- a/bin/etc-update
+++ b/bin/etc-update
@@ -631,6 +631,7 @@ do_merge() {
 					else
 						chown --reference="${ofile}" "${mfile}"
 						chmod --reference="${ofile}" "${mfile}"
+						${selinux} && chcon --reference="${ofile}" "${mfile}"
 					fi
 					do_mv_ln ${mv_opts} "${mfile}" "${ofile}"
 					rm ${rm_opts} "${file}"
@@ -815,6 +816,8 @@ export PORTAGE_TMPDIR
 SCAN_PATHS=${*:-${CONFIG_PROTECT}}
 [[ " ${FEATURES} " == *" case-insensitive-fs "* ]] && \
 	case_insensitive=true || case_insensitive=false
+[[ " ${FEATURES} " == *" selinux "* ]] && \
+	selinux=true || selinux=false
 
 TMP="${PORTAGE_TMPDIR}/etc-update-$$"
 trap "die terminated" SIGTERM