From 95fd5a2b5426f3420e05ac190eb9f286df630484 Mon Sep 17 00:00:00 2001
From: Ryan Harper <ryan.harper@canonical.com>
Date: Thu, 27 Apr 2017 20:34:28 +0000
Subject: selinux: Allow restorecon to be non-fatal.

On some systems with python-libselinux a bug[1] related to recursive
restorecon fails but the distro release does not yet include
an update.  This change will accept the error and log a warning.

1. https://bugzilla.redhat.com/show_bug.cgi?id=1406520

LP: #1686751
---
 cloudinit/util.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/cloudinit/util.py b/cloudinit/util.py
index b8c3e4ee..415ca374 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -330,7 +330,11 @@ class SeLinuxGuard(object):
 
         LOG.debug("Restoring selinux mode for %s (recursive=%s)",
                   path, self.recursive)
-        self.selinux.restorecon(path, recursive=self.recursive)
+        try:
+            self.selinux.restorecon(path, recursive=self.recursive)
+        except OSError as e:
+            LOG.warning('restorecon failed on %s,%s maybe badness? %s',
+                        path, self.recursive, e)
 
 
 class MountFailedError(Exception):
-- 
cgit v1.2.3