base-files: address sed in-place without SELinux awareness

sed(1) in busybox does not support this functionality: https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598 This causes /etc/group to become mislabeled when a package requests that a uid/gid be added on OpenWrt with SELinux Signed-off-by: Daniel Golle <[email protected]> [move restorecon inside lock] Signed-off-by: Dominick Grift <[email protected]>
marfis · May 2, 2022 · 5109bd1 · 5109bd1
1 parent 7d02fc0
commit 5109bd1
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/package/base-files/files/lib/functions.sh b/package/base-files/files/lib/functions.sh
@@ -386,6 +386,7 @@ group_add_user() {
 	echo "$grp" | grep -q ":$" && delim=""
 	[ -n "$IPKG_INSTROOT" ] || lock /var/lock/passwd
 	sed -i "s/$grp/$grp$delim$2/g" ${IPKG_INSTROOT}/etc/group
+	selinuxenabled 2>/dev/null && restorecon /etc/group
 	[ -n "$IPKG_INSTROOT" ] || lock -u /var/lock/passwd
 }