rpm selinux plugin check context file exist

rpm-selinux-plugin-check-context-file-exist.patch

@@ -0,0 +1,26 @@
+From 55708fd5822a3e4bf5537002a648f32cb0a6e07e Mon Sep 17 00:00:00 2001
+From: luhuaxin <1539327763@qq.com>
+Date: Tue, 26 Oct 2021 18:39:46 +0800
+Subject: [PATCH] rpm selinux plugin check context file exist
+
+---
+ plugins/selinux.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/selinux.c b/plugins/selinux.c
+index 1254517..fb8b7a2 100644
+--- a/plugins/selinux.c
++++ b/plugins/selinux.c
+@@ -63,7 +63,8 @@ static rpmRC selinux_tsm_pre(rpmPlugin plugin, rpmts ts)
+     rpmRC rc = RPMRC_OK;
+ 
+     /* If SELinux isn't enabled on the system, dont mess with it */
+-    if (!is_selinux_enabled()) {
++    if (!is_selinux_enabled() || selinux_file_context_path() == NULL ||
++        access(selinux_file_context_path(), F_OK)) {
+ 	rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
+     }
+ 
+-- 
+2.23.0
+

rpm.spec

@@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.15.1
-Release:       31
+Release:       32
 Summary:       RPM Package Manager
 License:       GPLv2+
 URL:           http://www.rpm.org/
@@ -59,6 +59,7 @@ Patch48: backport-Do-not-allow-extra-packets-to-follow-a-signature.patch
 Patch49: backport-0001-CVE-2021-3521.patch
 Patch50: backport-0002-CVE-2021-3521.patch
 Patch51: backport-0003-CVE-2021-3521.patch
+Patch52: rpm-selinux-plugin-check-context-file-exist.patch
 
 BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel libdb-devel 
 BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel
@@ -321,6 +322,12 @@ make check || (cat tests/rpmtests.log; exit 0)
 %{_mandir}/man1/gendiff.1*
 
 %changelog
+* Fri Dec 3 2021 luhuaxin<1539327763@qq.com> - 4.15.1-32
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:rpm selinux plugin check context file exist
+
 * Wed Nov 03 2021 tianwei <tianwei12@huawei.com> - 4.15.1-31
 - Type:cve
 - ID:NA