Merge pull request #542 from rbreaves/make_intall_on_fedora_work_in_e…

…nforcing_mode

Make intall on fedora work in enforcing mode

linux/limitedadmins

@@ -11,3 +11,4 @@ Defaults!/etc/init.d/kinto setenv,env_reset,env_delete+=PATH,env_delete+=LD_PREL
 %{username} ALL=NOPASSWD: {pkill} -f bin/xkeysnail
 %{username} ALL=NOPASSWD: {xkeysnail} *
 %{username} ALL=NOPASSWD: {systemctl} is-active --quiet xkeysnail
+%{username} ALL=NOPASSWD: /usr/lib/systemd/system/xkeysnail.service

linux/xkeysnail.service

@@ -4,8 +4,8 @@ Description=xkeysnail
 [Service]
 Type=simple
 KillMode=process
-ExecStart=/usr/bin/sudo /bin/bash -c '/usr/bin/xhost +SI:localuser:root && {homedir}/.config/kinto/killdups.sh && {xkeysnail} --quiet --watch {homedir}/.config/kinto/kinto.py'
-ExecStop=/usr/bin/sudo /bin/bash -c '/usr/bin/sudo pkill -f bin/xkeysnail && exit 0'
+ExecStart={sudo}/bin/bash -c '/usr/bin/xhost +SI:localuser:root && {homedir}/.config/kinto/killdups.sh && {xkeysnail} --quiet --watch {homedir}/.config/kinto/kinto.py'
+ExecStop={sudo}/bin/bash -c '{sudo}pkill -f bin/xkeysnail && exit 0'
 Restart=on-failure
 RestartSec=3
 Environment=DISPLAY={displayid}

xkeysnail_service.sh

@@ -329,25 +329,6 @@ if [[ $distro == 'kdeneon' ]]; then
 fi
 
 if [[ $distro == 'fedora' ]]; then
-	echo "Checking SELinux status..."
-	if [[ $(perl -ne 'print if /^SELINUX=enforcing/' /etc/selinux/config | wc -l) != 0 ]]; then
-		while true; do
-		read -rep $'\nWould you like to update your SELinux state from enforcing to permissive? (y/n)\n' yn
-		case $yn in
-			[Yy]* ) setSE='yes'; break;;
-			[Nn]* ) exp='no'; expsh=" " break;;
-			# * ) echo "Please answer yes or no.";;
-		esac
-		done	
-
-		if [[ $yn == "yes" ]]; then
-			sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config
-			echo "/etc/selinux/config has been updated. Please reboot your computer before continuing."
-			exit 0
-		fi
-	else
-		echo "SELinux state should be ok for Kinto to install"
-	fi
 	if [[ $(gsettings get org.gnome.desktop.wm.keybindings show-desktop | grep "\[\]" | wc -l) == 1 ]];then
 		gsettings set org.gnome.desktop.wm.keybindings show-desktop "['<Super>d']"
 	else
@@ -520,6 +501,11 @@ fi
 
 if [[ $distro == "fedora" ]]; then
 	perl -pi -e "\s{4}(# )(K.*)(# SL - .*fedora.*)/    \$2\$3/g" ./linux/kinto.py.new >/dev/null 2>&1
+	sed -i "s#{sudo}##g" ./linux/xkeysnail.service.new
+	selinuxuser=system_u
+	selinuxtype=systemd_unit_file_t
+else
+	sed -i "s#{sudo}#`\\which sudo` #g" ./linux/xkeysnail.service.new
 fi
 
 if [[ $distro == "elementaryos" ]]; then
@@ -590,6 +576,10 @@ if ! [[ $1 == "5" || $1 == "uninstall" || $1 == "Uninstall" ]]; then
 		exit 0
 	fi
 	sed -i "s#{xkeysnail}#`which xkeysnail`#g" ./linux/limitedadmins.new
+	if [[ $distro == "fedora" ]]; then
+		echo "Changing SELinux context"
+		sudo chcon -v --user=$selinuxuser --type=$selinuxtype "$xkeypath"xkeysnail.service
+	fi
 	sudo chown root:root ./linux/limitedadmins.new
 	# Add a check here for xkeysnail path resolving
 	sudo mv ./linux/limitedadmins.new /etc/sudoers.d/limitedadmins
@@ -598,10 +588,19 @@ if ! [[ $1 == "5" || $1 == "uninstall" || $1 == "Uninstall" ]]; then
 		sed -i "s#{xkeysnail}#`which xkeysnail`#g" ./linux/xkeysnail.service.new
 		sudo mv ./linux/xkeysnail.service.new "$xkeypath"xkeysnail.service && echo "Service file added to "$xkeypath"xkeysnail.service"
 
-		sudo chown -R root:root "$xkeypath"xkeysnail.service && echo "Ownership set for root..." || echo "Failed to set ownership..."
-		sudo chmod 644 "$xkeypath"xkeysnail.service && echo "Permissions set to 644..." || echo "Failed to set permissions..."
-		sudo ln -s "$xkeypath"xkeysnail.service /etc/systemd/system/xkeysnail.service && echo "Created soft symlink..." || echo "Failed to create soft symlink..."
-		sudo ln -s "$xkeypath"xkeysnail.service /etc/systemd/system/graphical.target.wants/xkeysnail.service && echo "Created soft symlink for graphical target..." || echo "Failed to create soft symlink for graphical target..."
+		if [[ $distro == "fedora" ]]; then
+			sudo cp "$xkeypath"xkeysnail.service /etc/systemd/system/xkeysnail.service && echo "Copied service file to system..." || echo "Failed to create copy..."
+			sudo cp "$xkeypath"xkeysnail.service /etc/systemd/system/graphical.target.wants/xkeysnail.service && echo "Copied service file to system for graphical target..." || echo "Failed to create copy for graphical target..."
+			sudo chown -R root:root /etc/systemd/system/xkeysnail.service && echo "Ownership set for root..." || echo "Failed to set ownership..."
+			sudo chown -R root:root /etc/systemd/system/graphical.target.wants/xkeysnail.service && echo "Ownership set for root..." || echo "Failed to set ownership..."
+			sudo chmod 644 /etc/systemd/system/xkeysnail.service && echo "Permissions set to 644..." || echo "Failed to set permissions..."
+			sudo chmod 644 /etc/systemd/system/graphical.target.wants/xkeysnail.service && echo "Permissions set to 644..." || echo "Failed to set permissions..."
+		else
+			sudo chown -R root:root "$xkeypath"xkeysnail.service && echo "Ownership set for root..." || echo "Failed to set ownership..."
+			sudo chmod 644 "$xkeypath"xkeysnail.service && echo "Permissions set to 644..." || echo "Failed to set permissions..."
+			sudo ln -s "$xkeypath"xkeysnail.service /etc/systemd/system/xkeysnail.service && echo "Created soft symlink..." || echo "Failed to create soft symlink..."
+			sudo ln -s "$xkeypath"xkeysnail.service /etc/systemd/system/graphical.target.wants/xkeysnail.service && echo "Created soft symlink for graphical target..." || echo "Failed to create soft symlink for graphical target..."
+		fi
 		sudo systemctl daemon-reload
 		sudo systemctl disable xkeysnail
 		sudo systemctl stop xkeysnail