rpms / policycoreutils

Clone
Source Code
GIT

Blame SOURCES/selinux-autorelabel-generator.sh

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c9
  2.   SOURCES
  3.   selinux-autorelabel-generator.sh
Blob History Raw
e65efd 
#!/bin/sh
e65efd
e65efd 
# This systemd.generator(7) detects if SELinux is running and if the
e65efd 
# user requested an autorelabel, and if so sets the default target to
e65efd 
# selinux-autorelabel.target, which will cause the filesystem to be
e65efd 
# relabelled and then the system will reboot again and boot into the
e65efd 
# real default target.
e65efd
e65efd 
PATH=/usr/sbin:$PATH
e65efd 
unitdir=/usr/lib/systemd/system
e65efd
e65efd 
# If invoked with no arguments (for testing) write to /tmp.
e65efd 
earlydir="/tmp"
e65efd 
if [ -n "$2" ]; then
e65efd 
    earlydir="$2"
e65efd 
fi
e65efd
e65efd 
set_target ()
e65efd 
{
e65efd 
    ln -sf "$unitdir/selinux-autorelabel.target" "$earlydir/default.target"
f4d2ee 
    AUTORELABEL="1"
f4d2ee 
    source /etc/selinux/config
f4d2ee 
    if [ "$AUTORELABEL" = "0" ]; then
f4d2ee 
        mkdir -p "$earlydir/selinux-autorelabel.service.d"
f4d2ee 
        cat > "$earlydir/selinux-autorelabel.service.d/tty.conf" <
f4d2ee 
[Service]
f4d2ee 
StandardInput=tty
f4d2ee 
EOF
f4d2ee 
    fi
e65efd 
}
e65efd
e65efd 
if selinuxenabled; then
e65efd 
    if test -f /.autorelabel; then
e65efd 
        set_target
e65efd 
    elif grep -sqE "\bautorelabel\b" /proc/cmdline; then
e65efd 
        set_target
e65efd 
    fi
e65efd 
fi

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation