fix: Correct labels on waydroid for selinux (#639)

Containerfile

@@ -422,6 +422,7 @@ RUN /tmp/image-info.sh && \
     systemctl disable rpm-ostreed-automatic.timer && \
     systemctl enable ublue-update.timer && \
     systemctl enable gamescope-workaround.service && \
+    systemctl enable waydroid-workaround.service && \
     systemctl enable bazzite-hardware-setup.service && \
     systemctl enable tailscaled.service && \
     systemctl enable dev-hugepages1G.mount && \

system_files/desktop/shared/usr/lib/systemd/system/gamescope-workaround.service

@@ -5,7 +5,7 @@ After=local-fs.target
 
 [Service]
 Type=oneshot
-# Copy if it doens't exist
+# Copy if it doesn't exist
 ExecStartPre=/usr/bin/bash -c "[ -x /usr/local/bin/.gamescope ] || /usr/bin/cp /usr/bin/gamescope /usr/local/bin/.gamescope"
 # This is faster than using .mount unit. Also allows for the previous line/cleanup
 ExecStartPre=/usr/bin/mount --bind /usr/local/bin/.gamescope /usr/bin/gamescope

system_files/desktop/shared/usr/lib/systemd/system/waydroid-workaround.service

@@ -0,0 +1,20 @@
+[Unit]
+Description=Workaround waydroid not having the correct label
+ConditionPathExists=/usr/lib/waydroid
+After=local-fs.target
+
+[Service]
+Type=oneshot
+# Copy if it doesn't exist
+ExecStartPre=/usr/bin/bash -c "[ -d /usr/local/lib/.waydroid ] || /usr/bin/cp -r /usr/lib/waydroid /usr/local/lib/.waydroid"
+# This is faster than using .mount unit. Also allows for the previous line/cleanup
+ExecStartPre=/usr/bin/mount --bind /usr/local/lib/.waydroid /usr/lib/waydroid
+# Fix SELinux label
+ExecStart=/usr/sbin/restorecon /usr/lib/waydroid
+# Clean-up after ourselves
+ExecStop=/usr/bin/umount /usr/lib/waydroid
+ExecStop=/usr/bin/rm -r /usr/local/lib/.waydroid
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

system_files/desktop/shared/usr/lib/tmpfiles.d/waydroid-workaround.conf

@@ -0,0 +1 @@
+C /usr/local/lib/.waydroid - - - - /usr/lib/waydroid