Set file permissions before renaming it to final destination

- This eliminates a case where thing can entirely unnecessarily break
  on live updates if you're "lucky" enough to do something in the
  tiny window of time between rename of a file and fixing up its
  permissions. Perhaps more importantly, this avoids overwriting
  any existing files in case where we fail to set the permissions
  at all.
- For regular metadata the physical path of the file is unintresting,
  but for selinux label lookups we need the destination path
  separately, hence the previous commits.

lib/fsm.c

@@ -1560,19 +1560,6 @@ static int fsmCommit(FSM_t fsm, int ix, int setmeta)
     if (!S_ISDIR(st->st_mode) && (fsm->suffix || fsm->nsuffix))
 	dest = fsmFsPath(fsm, 0, fsm->nsuffix);
 
-    /* Rename temporary to final file name if needed. */
-    if (dest != fsm->path) {
-	rc = fsmRename(fsm->path, dest, fsm->mapFlags);
-	if (!rc && fsm->nsuffix) {
-	    char * opath = fsmFsPath(fsm, 0, NULL);
-	    rpmlog(RPMLOG_WARNING, _("%s created as %s\n"),
-		   opath, dest);
-	    free(opath);
-	}
-	free(fsm->path);
-	fsm->path = dest;
-    }
-
     if (setmeta) {
         /* Set file security context (if enabled) */
         if (!rc && !getuid()) {
@@ -1600,6 +1587,19 @@ static int fsmCommit(FSM_t fsm, int ix, int setmeta)
         }
     }
 
+    /* Rename temporary to final file name if needed. */
+    if (!rc && dest != fsm->path) {
+	rc = fsmRename(fsm->path, dest, fsm->mapFlags);
+	if (!rc && fsm->nsuffix) {
+	    char * opath = fsmFsPath(fsm, 0, NULL);
+	    rpmlog(RPMLOG_WARNING, _("%s created as %s\n"),
+		   opath, dest);
+	    free(opath);
+	}
+	free(fsm->path);
+	fsm->path = dest;
+    }
+
     if (rc && fsm->failedFile && *fsm->failedFile == NULL) {
         *fsm->failedFile = fsm->path;
         fsm->path = NULL;