From 1cecddf031991f1c64ea203f173189624f11940e Mon Sep 17 00:00:00 2001
From: Boris Ranto <branto@redhat.com>
Date: Fri, 28 Apr 2017 12:29:46 +0200
Subject: [PATCH] selinux: Do parallel relabel on package install

We can take advantage of ceph-disk fix subcommand when doing a package
install. We will keep using the differential fixfiles command otherwise.

We also need to add relabel for /usr/bin/ daemons so that we could use
this.

Fixes: http://tracker.ceph.com/issues/20077

Signed-off-by: Boris Ranto <branto@redhat.com>
---
 ceph.spec.in                    | 10 ++++++++--
 src/ceph-disk/ceph_disk/main.py |  5 +++++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/ceph.spec.in b/ceph.spec.in
index 963fadd840cf8..ba83f4b31efe9 100644
--- a/ceph.spec.in
+++ b/ceph.spec.in
@@ -1719,8 +1719,14 @@ if test $STATUS -eq 0; then
     /usr/bin/systemctl stop ceph.target > /dev/null 2>&1
 fi
 
-# Now, relabel the files
-/usr/sbin/fixfiles -C ${FILE_CONTEXT}.pre restore 2> /dev/null
+# Relabel the files
+# Use ceph-disk fix for first package install and fixfiles otherwise
+if [ "$1" = "1" ]; then
+    /usr/sbin/ceph-disk fix --selinux
+else
+    /usr/sbin/fixfiles -C ${FILE_CONTEXT}.pre restore 2> /dev/null
+fi
+
 rm -f ${FILE_CONTEXT}.pre
 # The fixfiles command won't fix label for /var/run/ceph
 /usr/sbin/restorecon -R /var/run/ceph > /dev/null 2>&1
diff --git a/src/ceph-disk/ceph_disk/main.py b/src/ceph-disk/ceph_disk/main.py
index 0869b3c07c91a..8564e09566b26 100755
--- a/src/ceph-disk/ceph_disk/main.py
+++ b/src/ceph-disk/ceph_disk/main.py
@@ -4830,9 +4830,14 @@ def main_trigger(args):
 def main_fix(args):
     # A hash table containing 'path': ('uid', 'gid', blocking, recursive)
     fix_table = [
+        ('/usr/bin/ceph-mon', 'ceph', 'ceph', True, False),
+        ('/usr/bin/ceph-mds', 'ceph', 'ceph', True, False),
+        ('/usr/bin/ceph-osd', 'ceph', 'ceph', True, False),
+        ('/usr/bin/radosgw', 'ceph', 'ceph', True, False),
         ('/etc/ceph', 'ceph', 'ceph', True, True),
         ('/var/run/ceph', 'ceph', 'ceph', True, True),
         ('/var/log/ceph', 'ceph', 'ceph', True, True),
+        ('/var/log/radosgw', 'ceph', 'ceph', True, True),
         ('/var/lib/ceph', 'ceph', 'ceph', True, False),
     ]
 
-- 
2.39.5