keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Support hardcoded user.ima to security.ima translation

Browse Source 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This commit is contained in:
Stefan Berger 2021-04-12 20:24:12 -04:00 committed by Colin Walters
parent 4179cbadd2
commit 29440346f1
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/libpriv/rpmostree-postprocess.cxx
View File

@ -1096,7 +1096,8 @@ filter_xattrs_impl (OstreeRepo *repo,
/* If you have a use case for something else, file an issue */
static const char *accepted_xattrs[] =
{ "security.capability", /* https://lwn.net/Articles/211883/ */
"user.pax.flags" /* https://github.com/projectatomic/rpm-ostree/issues/412 */
"user.pax.flags", /* https://github.com/projectatomic/rpm-ostree/issues/412 */
"user.ima" /* will be replaced with security.ima */
};
g_autoptr(GVariant) existing_xattrs = NULL;
g_autoptr(GVariantIter) viter = NULL;
@ -1137,9 +1138,15 @@ filter_xattrs_impl (OstreeRepo *repo,
const char *validkey = accepted_xattrs[i];
const char *attrkey = g_variant_get_bytestring (key);
if (g_str_equal (validkey, attrkey))
{
if (g_str_equal (validkey, "user.ima"))
g_variant_builder_add (&builder, "(@ay@ay)",
g_variant_new_bytestring ("security.ima"), value);
else
g_variant_builder_add (&builder, "(@ay@ay)", key, value);
}
}
}
return g_variant_ref_sink (g_variant_builder_end (&builder));
}