kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

selinux-loadpolicy.sh: mount /proc and /selinux before loading the 

policies

also check for /sbin/load_policy
master
Harald Hoyer 2009-09-08 16:26:37 +02:00
parent aa297ca6b6
commit f5c4374d2c
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
modules.d/99base/selinux-loadpolicy.sh
View File

@ -1,13 +1,24 @@
#!/bin/sh
# FIXME: load selinux policy. this should really be done after we switchroot
if [ -x "$NEWROOT/usr/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then

if [ -x "$NEWROOT/usr/sbin/load_policy" -o -x "$NEWROOT/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then
info "Loading SELinux policy"
{
chroot $NEWROOT /usr/sbin/load_policy -i 2>&1
chroot "$NEWROOT" /bin/mount -t selinuxfs selinuxfs /selinux
chroot "$NEWROOT" /bin/mount -t proc proc /proc

if [ -x "$NEWROOT/sbin/load_policy" ]; then
chroot "$NEWROOT" /sbin/load_policy -i 2>&1
else
chroot "$NEWROOT" /usr/sbin/load_policy -i 2>&1
fi

if [ $? -eq 3 ]; then
warn "Initial SELinux policy load failed and enforcing mode requested."
warn "Not continuing"
sleep 100d
exit 1
fi
chroot "$NEWROOT" /bin/umount /proc
} | vinfo
fi