Libguestfs - Dec 2014 - [PATCH] customize, sysprep: add a short SELinux note

Add a short paragraph about SELinux, mostly to point to the
documentation about it provided in the documentation of virt-builder.
---
 customize/virt-customize.pod | 8 ++++++++
 sysprep/virt-sysprep.pod     | 8 ++++++++
 2 files changed, 16 insertions(+)

diff --git a/customize/virt-customize.pod b/customize/virt-customize.pod
index a666be7..8dbdfef 100644
--- a/customize/virt-customize.pod
+++ b/customize/virt-customize.pod
@@ -209,6 +209,14 @@ Enable tracing of libguestfs API calls.
 
 __CUSTOMIZE_OPTIONS__
 
+=head1 SELINUX
+
+For guests which make use of SELinux, special handling for them might
+be needed when using operations which create new files or alter
+existing ones.
+
+For further details, see L<virt-builder(1)/SELINUX>.
+
 =head1 EXIT STATUS
 
 This program returns 0 on success, or 1 if there was an error.
diff --git a/sysprep/virt-sysprep.pod b/sysprep/virt-sysprep.pod
index 5b88863..970abce 100644
--- a/sysprep/virt-sysprep.pod
+++ b/sysprep/virt-sysprep.pod
@@ -509,6 +509,14 @@ module:
  cp template.img newguest.img
  virt-sysprep --enable customize -a newguest.img
 
+=head1 SELINUX
+
+For guests which make use of SELinux, special handling for them might
+be needed when using operations which create new files or alter
+existing ones.
+
+For further details, see L<virt-builder(1)/SELINUX>.
+
 =head1 WINDOWS 8
 
 Windows 8 "fast startup" can prevent virt-sysprep from working.
-- 
1.9.3

---
 sysprep/sysprep_operation.ml  | 3 +++
 sysprep/sysprep_operation.mli | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/sysprep/sysprep_operation.ml b/sysprep/sysprep_operation.ml
index 1531268..ec5e374 100644
--- a/sysprep/sysprep_operation.ml
+++ b/sysprep/sysprep_operation.ml
@@ -30,8 +30,11 @@ let info fs = info ~prog fs
 class filesystem_side_effects  object
   val mutable m_created_file = false
+  val mutable m_changed_file = false
   method created_file () = m_created_file <- true
   method get_created_file = m_created_file
+  method changed_file () = m_changed_file <- true
+  method get_changed_file = m_changed_file
 end
 
 class device_side_effects = object end
diff --git a/sysprep/sysprep_operation.mli b/sysprep/sysprep_operation.mli
index 5d3b44a..bed0266 100644
--- a/sysprep/sysprep_operation.mli
+++ b/sysprep/sysprep_operation.mli
@@ -26,6 +26,8 @@ val info : ('a, unit, string, unit) format4 -> 'a
 class filesystem_side_effects : object
   method created_file : unit -> unit
   method get_created_file : bool
+  method changed_file : unit -> unit
+  method get_changed_file : bool
 end
 (** The callback should indicate if it has side effects by calling
     methods in this class. *)
-- 
1.9.3

Removing an user causes /etc/passwd, /etc/shadow, and /etc/group to
change, so mark the side effects as such if any user has been removed.
---
 sysprep/sysprep_operation_user_account.ml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sysprep/sysprep_operation_user_account.ml
b/sysprep/sysprep_operation_user_account.ml
index bda6331..e53e5cc 100644
--- a/sysprep/sysprep_operation_user_account.ml
+++ b/sysprep/sysprep_operation_user_account.ml
@@ -55,6 +55,7 @@ let check_remove_user user  
 let user_account_perform ~verbose ~quiet g root side_effects    let typ =
g#inspect_get_type root in
+  let changed = ref false in
   if typ <> "windows" then (
     g#aug_init "/" 0;
     let uid_min = g#aug_get "/files/etc/login.defs/UID_MIN" in
@@ -72,6 +73,7 @@ let user_account_perform ~verbose ~quiet g root side_effects  
String.sub userpath (i+1) (String.length userpath -i-1) in
         if uid >= uid_min && uid <= uid_max
            && check_remove_user username then (
+          changed := true;
           (* Get the home before removing the passwd entry. *)
           let home_dir              try Some (g#aug_get (userpath ^
"/home"))
@@ -90,7 +92,9 @@ let user_account_perform ~verbose ~quiet g root side_effects  
)
     ) users;
     g#aug_save ();
-  )
+  );
+  if !changed then
+    side_effects#changed_file ()
 
 let op = {
   defaults with
-- 
1.9.3

ACK series.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW