From fedd70c1314a89171478eedeaa12feeaa1843308 Mon Sep 17 00:00:00 2001
From: bwzhang <zhangbowei@kylinos.cn>
Date: Thu, 9 May 2024 19:17:15 +0800
Subject: [PATCH] fix k3s-selinux install error

---
 0001-fix-k3s-selinux-install-error.patch | 25 ++++++++++++++++++++++++
 k3s-selinux.spec                         | 11 ++++++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 0001-fix-k3s-selinux-install-error.patch

diff --git a/0001-fix-k3s-selinux-install-error.patch b/0001-fix-k3s-selinux-install-error.patch
new file mode 100644
index 0000000..21e002b
--- /dev/null
+++ b/0001-fix-k3s-selinux-install-error.patch
@@ -0,0 +1,25 @@
+From b65cc6cf0c08e449edd916edbe4226a4b6456d4d Mon Sep 17 00:00:00 2001
+From: bwzhang <zhangbowei@kylinos.cn>
+Date: Thu, 9 May 2024 19:13:04 +0800
+Subject: [PATCH] fix k3s-selinux install error
+
+---
+ policy/microos/k3s.te | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/policy/microos/k3s.te b/policy/microos/k3s.te
+index d5ccba3..fc25486 100644
+--- a/policy/microos/k3s.te
++++ b/policy/microos/k3s.te
+@@ -33,7 +33,7 @@ filetrans_pattern(container_runtime_t, k3s_root_t, container_runtime_exec_t, fil
+ filetrans_pattern(container_runtime_t, k3s_root_t, container_runtime_exec_t, file, "containerd-shim-runc-v2")
+ filetrans_pattern(container_runtime_t, k3s_root_t, container_runtime_exec_t, file, "runc")
+ filetrans_pattern(container_runtime_t, container_var_lib_t, container_file_t, dir, "storage")
+-filetrans_pattern(container_runtime_t, container_var_lib_t, container_share_t, dir, "snapshots")
++filetrans_pattern(container_runtime_t, container_var_lib_t, container_file_t, dir, "snapshots")
+ filetrans_pattern(container_runtime_t, var_lib_t, container_var_lib_t, dir, "kubelet")
+ filetrans_pattern(container_runtime_t, container_var_lib_t, container_file_t, dir, "pods")
+ filetrans_pattern(container_runtime_t, var_log_t, container_log_t, dir, "containers")
+-- 
+2.20.1
+
diff --git a/k3s-selinux.spec b/k3s-selinux.spec
index c8fcf5b..6ada9f3 100644
--- a/k3s-selinux.spec
+++ b/k3s-selinux.spec
@@ -36,7 +36,7 @@
 
 Name:           k3s-selinux
 Version:        1.1.stable.1
-Release:        1
+Release:        2
 Summary:        SELinux policy module for k3s
 
 Group:          System Environment/Base
@@ -44,6 +44,8 @@ License:        Apache-2.0
 URL:            https://github.com/k3s-io/k3s-selinux
 Source:         https://github.com/k3s-io/k3s-selinux/archive/refs/tags/%{name}-%{version}.tar.gz
 
+Patch01:        0001-fix-k3s-selinux-install-error.patch
+
 BuildArch:      noarch
 BuildRequires:  container-selinux >= %{container_policyver}
 BuildRequires:  git
@@ -64,6 +66,7 @@ This package installs and sets up the SELinux policy security module for k3s.
 
 %prep
 %setup -q
+%patch01 -p1
 
 %build
 cd policy/microos
@@ -99,5 +102,11 @@ fi;
 %{_datadir}/selinux/devel/include/contrib/k3s.if
 
 %changelog
+* Thu May 09 2024 zhangbowei <zhangbowei@kylinos.cn> - 1.1.stable.1-2
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC: fix install error
+
 * Sat Jul 30 2022 zhuyuncheng <zhuyuncheng@huawei.com> - 1.1.stable.1-1
 - Init package