bindmount /proc for setting selinux context

it seems on el9 "setfiles" now needs /proc to work properly
oVirt · Jun 9, 2022 · 9a1e68c · 9a1e68c
1 parent f771727
commit 9a1e68c
Showing 1 changed file with 12 additions and 11 deletions.
diff --git a/src/imgbased/plugins/osupdater.py b/src/imgbased/plugins/osupdater.py
@@ -1039,17 +1039,18 @@ def _relabel_selinux(newroot):
     imgbase.hooks.emit("os-upgraded", previous_lv.lv_name, new_lv.lvm_name)
 
     with mounted(new_lv.path) as newroot:
-        with utils.bindmounted("/var", target=newroot.target + "/var",
-                               rbind=True):
-            _update_grub_cmdline(newroot.target)
-            _update_fstab(newroot.target)
-            _relabel_selinux(newroot.target)
-            BootSetupHandler(
-                root=newroot.target,
-                mkconfig=(imgbase.mode == constants.IMGBASED_MODE_INIT),
-                mkinitrd=(imgbase.mode == constants.IMGBASED_MODE_UPDATE)
-            ).setup()
-            bootloader.BootConfiguration.validate()
+        with utils.bindmounted("/proc", target=newroot.target + "/proc"):
+            with utils.bindmounted("/var", target=newroot.target + "/var",
+                                   rbind=True):
+                _update_grub_cmdline(newroot.target)
+                _update_fstab(newroot.target)
+                _relabel_selinux(newroot.target)
+                BootSetupHandler(
+                    root=newroot.target,
+                    mkconfig=(imgbase.mode == constants.IMGBASED_MODE_INIT),
+                    mkinitrd=(imgbase.mode == constants.IMGBASED_MODE_UPDATE)
+                ).setup()
+                bootloader.BootConfiguration.validate()
 
 
 def on_remove_layer(imgbase, lv_fullname):