From 8f861bdcaf91702b5b1428ea515338e70295908b Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Tue, 20 Sep 2016 11:11:58 +0200 Subject: [PATCH] Use gum-utils instead of shadow-utils for making security_test_user Using plain useradd or userdel in %post scripts causes wrong label on /etc/passwd and /etc/group files. The reason for that is that the user manipulation tools from shadow-utils bakcup the old file in /etc/ and create a new edited one instead of modifying it in-place. This results in files in /etc created with Smack label of the process that added or removed the user. Change-Id: Id523dcd25d1434dbe2847db915d5b4f630b3861a --- packaging/security-tests.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index ffb07c5..d9319fa 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -65,7 +65,7 @@ ln -sf /etc/smack/test_smack_rules %{buildroot}/etc/smack/test_smack_rules_lnk %post id -u security_test_user 1>/dev/null 2>&1 || \ - useradd -r -g users -s /sbin/nologin -c "for tests only" security_test_user + gum-utils -o -a --username=security_test_user --usertype=normal # Reload dbus daemon to apply newly installed configuration systemctl reload dbus @@ -104,4 +104,4 @@ echo "security-tests postinst done ..." %{_prefix}/share/yaca-test %postun -id -u security_test_user 1>/dev/null 2>&1 && userdel security_test_user +id -u security_test_user 1>/dev/null 2>&1 && gum-utils -o -d --uid=`id -u security_test_user` -- 2.7.4