From 429e9d4966d070dface71771cf607eac3f93b3b1 Mon Sep 17 00:00:00 2001
From: Darren Shepherd <darren@rancher.com>
Date: Mon, 24 Feb 2020 16:07:03 -0700
Subject: [PATCH 1/2] Don't require selinux utils and require k3s_selinux

If you are installing k3s on a selinux enforcing system then we
required that you also install k3s_selinux RPM to put in the proper
policy.
---
 install.sh | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/install.sh b/install.sh
index d364e12d4e..362347f3a6 100755
--- a/install.sh
+++ b/install.sh
@@ -276,15 +276,6 @@ verify_downloader() {
     return 0
 }
 
-# --- verify existence of semanage when SELinux is enabled ---
-verify_semanage() {
-    if [ -x "$(which getenforce)" ]; then
-        if [ "Disabled" != $(getenforce) ] && [ ! -x "$(which semanage)" ]; then
-            fatal 'SELinux is enabled but semanage is not found'
-        fi
-    fi
-}
-
 # --- create tempory directory and cleanup when done ---
 setup_tmp() {
     TMP_DIR=$(mktemp -d -t k3s-install.XXXXXXXXXX)
@@ -396,13 +387,9 @@ setup_binary() {
     $SUDO chown root:root ${TMP_BIN}
     $SUDO mv -f ${TMP_BIN} ${BIN_DIR}/k3s
 
-    if command -v getenforce > /dev/null 2>&1; then
-        if [ "Disabled" != $(getenforce) ]; then
-	    info 'SELinux is enabled, setting permissions'
-	    if ! $SUDO semanage fcontext -l | grep "${BIN_DIR}/k3s" > /dev/null 2>&1; then
-	        $SUDO semanage fcontext -a -t bin_t "${BIN_DIR}/k3s"
-	    fi
-	    $SUDO restorecon -v ${BIN_DIR}/k3s > /dev/null
+    if ! $SUDO chcon -u system_u -r object_r -t container_runtime_exec_t ${BIN_DIR}/k3s 2>/dev/null 2>&1; then
+        if $SUDO grep SELINUX=enforcing /etc/selinux/config >/dev/null 2>&1; then
+            fatal "Failed to apply container_runtime_exec_t to ${BIN_DIR}/k3s, please install k3s_selinux RPM"
         fi
     fi
 }
@@ -417,7 +404,6 @@ download_and_verify() {
 
     setup_verify_arch
     verify_downloader curl || verify_downloader wget || fatal 'Can not find curl or wget for downloading files'
-    verify_semanage
     setup_tmp
     get_release_version
     download_hash

From 1c8124cc025a63c933eaeb5c8c439b254fea3b8d Mon Sep 17 00:00:00 2001
From: David Nuzik <45179589+davidnuzik@users.noreply.github.com>
Date: Fri, 13 Mar 2020 15:24:19 -0700
Subject: [PATCH 2/2] Ask more clearly for K3s args and logs

In the bug report template, more clearly ask the user for K3s arguments and logs
---
 .github/ISSUE_TEMPLATE/bug_report.md | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index 2f2468d480..2442b272f9 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -10,7 +10,10 @@ assignees: ''
 <!-- Thanks for helping us to improve k3s! We welcome all bug reports. Please fill out each area of the template so we can better help you.  ***You can delete this message portion of the bug report.*** -->
 
 **Version:**
-<!-- Provide the output from `k3s -v` and provide the flags used to install or run k3s server. -->
+<!-- Provide the output from `k3s -v` -->
+
+**K3s arguments:**
+<!-- Provide the flags used to install or run k3s server. -->
 
 **Describe the bug**
 <!-- A clear and concise description of what the bug is. -->
@@ -24,5 +27,5 @@ assignees: ''
 **Actual behavior**
 <!-- A clear and concise description of what actually happened. -->
 
-**Additional context**
-<!-- Add any other context about the problem here. -->
+**Additional context / logs**
+<!-- Add any other context and/or logs about the problem here. -->