From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id B5D44285040
	for <kdevops@lists.linux.dev>; Thu,  2 Oct 2025 20:21:43 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1759436503; cv=none; b=ftBL5Ji7Yl8zAP4zv6QQKd9aZgwrqgcCanoaacT39+uneDp65n0kUcm89+dpMBaZQoV1IZmr73mfJc7c6Qz9Eg7dofk6SWkIqLYMtbLBs4zXLzzbeZdpwrshq5ardLWR5ve1uvl1ymyiqTADIsHZFKIY/7qxvhywBFYmCos1pxE=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1759436503; c=relaxed/simple;
	bh=N6uoAI4HbrE4KWDzXfWtVIlQvdgJcWukUk90TpcxZ9M=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version; b=Ql1nWPymHDwtKWH36CvGsqByDj0hF2WnMnpkKPSUhuFPEWk8k47mnxbxs14ecUvzQVpbohx3yYlZODCq8dC00spNIOLRKny4JsmzOBZDPyHVWBSVT2S6ozWN4PYO4rXQhxzJbm3aIuU8HUTgCT6x3jum1TCcijQ108sgRwl2VI4=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fNyYIBhl; arc=none smtp.client-ip=10.30.226.201
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fNyYIBhl"
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1A7A0C4CEF4;
	Thu,  2 Oct 2025 20:21:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1759436503;
	bh=N6uoAI4HbrE4KWDzXfWtVIlQvdgJcWukUk90TpcxZ9M=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=fNyYIBhlZO8a3mgnzZHNnUoFzeXD5M9N2e8Xjf381NU2DkfInqUmOYoCgg4V6jTcx
	 PamegmWgtdZD2J+mCNW/9+xlXSHdmqC7MPC9NpDjBsf7vpbWER9sR0Ld1NWizsAGgs
	 5PqQYXAxAzpH9Hhg3NzSEdQoy2MZDkOWp/RKtC+us3Ob3hw99T/7t2pcvMg8DIDjSz
	 qtMPxo6cU74fo3L8Nzr7RQGhveAvxwciWZ7lAoaAgiu/Wr3EeCZOPtSXQteMumXQXw
	 Z8EEbwhcxV0nuHeeZeGi4HYd1+XiRMCx5zQlwkwCPOLsIExrlaIUy4ikt9wQnXfKm1
	 oh7T0DO5NdzMQ==
From: Chuck Lever <cel@kernel.org>
To: <kdevops@lists.linux.dev>
Cc: Chuck Lever <chuck.lever@oracle.com>
Subject: [PATCH v1 2/6] base_image: Make the semanage command available on base images
Date: Thu,  2 Oct 2025 16:21:36 -0400
Message-ID: <20251002202140.3596787-3-cel@kernel.org>
X-Mailer: git-send-email 2.51.0
In-Reply-To: <20251002202140.3596787-1-cel@kernel.org>
References: <20251002202140.3596787-1-cel@kernel.org>
Precedence: bulk
X-Mailing-List: kdevops@lists.linux.dev
List-Id: <kdevops.lists.linux.dev>
List-Subscribe: <mailto:kdevops+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:kdevops+unsubscribe@lists.linux.dev>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Chuck Lever <chuck.lever@oracle.com>

semanage is needed to adjust SELinux settings on sshd before the
first boot, and does not appear to be in the downloaded raw OS
images.

Generated-by: Claude AI
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 playbooks/roles/base_image/templates/virt-builder.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/playbooks/roles/base_image/templates/virt-builder.j2 b/playbooks/roles/base_image/templates/virt-builder.j2
index 6805679a8959..83005e53251b 100644
--- a/playbooks/roles/base_image/templates/virt-builder.j2
+++ b/playbooks/roles/base_image/templates/virt-builder.j2
@@ -12,7 +12,7 @@ mkdir {{ target_dir }}
 copy-in {{ guestfs_distro_source_and_dest_file }}:{{ target_dir }}
 {% endif %}
 
-install sudo,qemu-guest-agent,python3,bash
+install sudo,qemu-guest-agent,python3,bash,policycoreutils-python-utils
 run-command useradd {{ kdevops_uid }} -s /bin/bash -m kdevops
 append-line /etc/sudoers.d/kdevops:kdevops   ALL=(ALL)       NOPASSWD: ALL
 edit /etc/default/grub:s/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0"/
-- 
2.51.0