summaryrefslogtreecommitdiff
path: root/etc
diff options
context:
space:
mode:
authorLudovic Courtès <ludovic.courtes@inria.fr>2023-05-25 11:41:23 +0200
committerLudovic Courtès <ludo@gnu.org>2023-05-25 12:51:15 +0200
commit4166b583fb05728e481759f3db733ea85e165ccf (patch)
tree0b3c2dc17de1bba4f293be120648edad73c333e0 /etc
parent3bf612eaa13cc39caab64567660b8a02d206d19a (diff)
guix-install.sh: Install SELinux policy and relabel file systems if needed.
Fixes <https://issues.guix.gnu.org/62487>. * etc/guix-install.sh (sys_maybe_setup_selinux): New function. (main): Use it.
Diffstat (limited to 'etc')
-rwxr-xr-xetc/guix-install.sh14
1 files changed, 14 insertions, 0 deletions
diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index e81da7ae71..5012db55dd 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -606,6 +606,19 @@ fi
_msg "${PAS}Bash shell prompt successfully customized for Guix"
}
+sys_maybe_setup_selinux()
+{
+ if [ -f /sys/fs/selinux/policy ]
+ then
+ prompt_yes_no "Install SELinux policy required to run guix-daemon?" \
+ || return
+
+ local var_guix=/var/guix/profiles/per-user/root/current-guix
+ semodule -i "${var_guix}/share/selinux/guix-daemon.cil"
+ restorecon -R /gnu /var/guix
+ fi
+}
+
welcome()
{
local char
@@ -681,6 +694,7 @@ main()
sys_create_store "${GUIX_BINARY_FILE_NAME}" "${tmp_path}"
sys_create_build_user
+ sys_maybe_setup_selinux
sys_enable_guix_daemon
sys_authorize_build_farms
sys_create_init_profile