From 6452459e0e0117c9f72fb0d19441e19a8c5a1789 Mon Sep 17 00:00:00 2001
From: Steve Baker <sbaker@redhat.com>
Date: Tue, 4 Mar 2025 15:14:34 +1300
Subject: [PATCH] Minor ipv6-nat64 fixes

- sudo where appropriate
- use full context for chcon calls
- reduce the default of the size of SNO disk from 150G to 31G which
  aligns with CRC
---
 devsetup/scripts/ipv6-nat64/README.md  | 6 +++---
 devsetup/scripts/ipv6-nat64/network.sh | 2 +-
 devsetup/scripts/ipv6-nat64/sno.sh     | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/devsetup/scripts/ipv6-nat64/README.md b/devsetup/scripts/ipv6-nat64/README.md
index 5fbae8b7..7270888a 100644
--- a/devsetup/scripts/ipv6-nat64/README.md
+++ b/devsetup/scripts/ipv6-nat64/README.md
@@ -8,9 +8,9 @@ Network setup relies on `systemd-resolved` service enabled and used for DNS
 resolution. If it's not installed on your machine (for example, if you use
 RHEL), then:
 
-#. Install the package: `dnf install -y systemd-resolved`
-#. Enable and start the service: `systemctl enable --now systemd-resolved`
-#. Configure it as the default resolver for the system: `ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`
+#. Install the package: `sudo dnf install -y systemd-resolved`
+#. Enable and start the service: `sudo systemctl enable --now systemd-resolved`
+#. Configure it as the default resolver for the system: `sudo ln -sf ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`
 
 Further DNS requests initiated by the hypervisor should now go through the stub `systemd-resolved` resolver.
 
diff --git a/devsetup/scripts/ipv6-nat64/network.sh b/devsetup/scripts/ipv6-nat64/network.sh
index bf7f32b1..dffc031a 100755
--- a/devsetup/scripts/ipv6-nat64/network.sh
+++ b/devsetup/scripts/ipv6-nat64/network.sh
@@ -103,7 +103,7 @@ function build_dnsmasq {
         make
         make install PREFIX=${WORK_DIR}
         # Set selinux context to bin_t
-        sudo chcon -t bin_t ${WORK_DIR}/sbin/dnsmasq
+        sudo chcon -h system_u:object_r:bin_t:s0 ${WORK_DIR}/sbin/dnsmasq
         popd
 
         popd
diff --git a/devsetup/scripts/ipv6-nat64/sno.sh b/devsetup/scripts/ipv6-nat64/sno.sh
index c493682b..491949d3 100755
--- a/devsetup/scripts/ipv6-nat64/sno.sh
+++ b/devsetup/scripts/ipv6-nat64/sno.sh
@@ -75,7 +75,7 @@ ARCH="${ARCH:-x86_64}"
 MEMORY="${MEMORY:-32768}"
 VCPUS="${VCPUS:-12}"
 OS_VARIANT="${OS_VARIANT:-fedora-coreos-stable}"
-DISK_SIZE="${DISK_SIZE:-150}"
+DISK_SIZE="${DISK_SIZE:-31}"
 VIRT_TYPE="${VIRT_TYPE:-kvm}"
 NET_MODEL="${NET_MODEL:-virtio}"
 # Libvirt config
@@ -94,7 +94,7 @@ fi
 
 mkdir -p "${WORK_DIR}"/ocp
 mkdir -p "${WORK_DIR}"/bin
-sudo chcon -t bin_t ${WORK_DIR}/bin
+sudo chcon -h system_u:object_r:bin_t:s0 ${WORK_DIR}/bin
 
 function get_oc_client {
     pushd ${WORK_DIR}
@@ -230,7 +230,7 @@ host-record=api.sno.lab.example.com,${SNO_HOST_IP}
 host-record=api-int.sno.lab.example.com,${SNO_HOST_IP}
 dhcp-host=${SNO_HOST_MAC},[${SNO_HOST_IP}],2m
 EOF
-    mkdir -p ${NAT64_IPV6_DNSMASQ_CONF_DIR}/conf.d
+    sudo mkdir -p ${NAT64_IPV6_DNSMASQ_CONF_DIR}/conf.d
     sudo cp -v ${MY_TMP_DIR}/sno.conf ${NAT64_IPV6_DNSMASQ_CONF_DIR}/conf.d/sno.conf
     sudo systemctl restart ${NAT64_IPV6_DNSMASQ_SERVICE_NAME}
 }