fedora: Hide restorecon(8) errors in post-transaction scriptletHEAD2025_06_11.0293c6fmaster

Commit e01932353869 ("fedora: Separately restore context for /run/user
in %posttrans selinux") added a call to restorecon for /run/user in
the passt-selinux post-transaction scriptlet, and we can't give a path
that's more specific than that, but it often contains FUSE mountpoints
that are not accessible as root, resulting in warnings as the package
is installed.

Hide the errors, a failure in relabeling wouldn't be really
problematic in any case.

Link: https://bodhi.fedoraproject.org/updates/FEDORA-2025-f454466bb6
Link: https://bugzilla.redhat.com/show_bug.cgi?id=2371159
Fixes: e01932353869 ("fedora: Separately restore context for /run/user in %posttrans selinux")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Max Chernoff <git@maxchernoff.ca>

1 files changed, 7 insertions, 2 deletions

diff --git a/contrib/fedora/passt.spec b/contrib/fedora/passt.spec
index e52f50f..663289f 100644
--- a/contrib/fedora/passt.spec
+++ b/contrib/fedora/passt.spec
@@ -107,8 +107,13 @@ fi
 # (see selabel_file(5)) in order to restore only the file contexts which
 # actually changed. However, as file_contexts doesn't support %{USERID}
 # substitutions, this will not work for specific file contexts that pasta needs
-# to have under /run/user. Restore those explicitly.
-restorecon -R /run/user
+# to have under /run/user.
+#
+# Restore those explicitly, hiding errors from restorecon(8): we can't pass a
+# path that's more specific than this, but at the same time /run/user often
+# contains FUSE mountpoints that can't be accessed as root, leading to
+# "Permission denied" messages, but not failures.
+restorecon -R /run/user 2>/dev/null
 
 %files
 %license LICENSES/{GPL-2.0-or-later.txt,BSD-3-Clause.txt}