mirror/bazzite
1
0
Fork 0
mirror of https://github.com/ublue-os/bazzite.git synced 2025-01-29 18:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: Use same design as other selinux workarounds

Browse Source
This commit is contained in:
Kyle Gospodnetich 2024-01-22 22:47:14 -08:00
parent d3b33b2753
commit 04ab8766f4
2 changed files with 24 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
system_files/desktop/shared/usr/lib/systemd/system/incus-workaround.service
View File

@ -1,5 +1,5 @@
[Unit] [Unit]
Description=Workaround SELinux issues with Incus... Description=Workaround Incus not having the correct label
ConditionPathExists=/usr/bin/incus ConditionPathExists=/usr/bin/incus
ConditionPathExists=/usr/bin/incus-agent ConditionPathExists=/usr/bin/incus-agent
ConditionPathExists=/usr/lib/incus ConditionPathExists=/usr/lib/incus
@ -7,16 +7,26 @@ After=local-fs.target
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/mount --bind -o rw /usr/bin/incus /usr/bin/incus # Copy if it doesn't exist
ExecStart=/usr/bin/mount --bind -o rw /usr/bin/incus-agent /usr/bin/incus-agent ExecStartPre=/usr/bin/bash -c "[ -x /usr/local/bin/.incus ] || /usr/bin/cp $(readlink /usr/bin/incus) /usr/local/bin/.incus"
ExecStart=/usr/bin/mount --bind -o rw /usr/lib/incus /usr/lib/incus ExecStartPre=/usr/bin/bash -c "[ -x /usr/local/bin/.incus-agent ] || /usr/bin/cp $(readlink /usr/bin/incus-agent) /usr/local/bin/.incus-agent"
ExecStart=/usr/sbin/restorecon -R -v /usr/bin/incus ExecStartPre=/usr/bin/bash -c "[ -d /usr/local/lib/.incus ] || /usr/bin/cp -r /usr/lib/incus /usr/local/lib/.incus"
ExecStart=/usr/sbin/restorecon -R -v /usr/bin/incus-agent # This is faster than using .mount unit. Also allows for the previous line/cleanup
ExecStart=/usr/sbin/restorecon -R -v /usr/lib/incus ExecStartPre=/usr/bin/mount --bind /usr/local/bin/.incus /usr/bin/incus
ExecStart=/usr/bin/umount /usr/bin/incus ExecStartPre=/usr/bin/mount --bind /usr/local/bin/.incus-agent /usr/bin/incus-agent
ExecStart=/usr/bin/umount /usr/bin/incus-agent ExecStartPre=/usr/bin/mount --bind /usr/local/lib/.incus /usr/lib/incus
ExecStart=/usr/bin/umount /usr/lib/incus # Fix SELinux label
RemainAfterExit=true ExecStart=/usr/sbin/restorecon -R /usr/bin/incus
ExecStart=/usr/sbin/restorecon -R /usr/bin/incus-agent
ExecStart=/usr/sbin/restorecon -R /usr/lib/incus
# Clean-up after ourselves
ExecStop=/usr/bin/umount /usr/bin/incus
ExecStop=/usr/bin/umount /usr/bin/incus-agent
ExecStop=/usr/bin/umount /usr/lib/incus
ExecStop=/usr/bin/rm -r /usr/local/bin/.incus
ExecStop=/usr/bin/rm -r /usr/local/bin/.incus-agent
ExecStop=/usr/bin/rm -r /usr/local/lib/.incus
RemainAfterExit=yes
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

3
system_files/desktop/shared/usr/lib/tmpfiles.d/incus-workaround.conf Normal file
View File

@ -0,0 +1,3 @@
C /usr/local/bin/.incus - - - - /usr/bin/incus
C /usr/local/bin/.incus-agent - - - - /usr/bin/incus-agent
C /usr/local/lib/.incus - - - - /usr/lib/incus