kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

selinux-loadpolicy.sh: mount /proc and /selinux before loading the 

policies

also check for /sbin/load_policy
master
Harald Hoyer 2009-09-08 16:26:37 +02:00
parent aa297ca6b6
commit f5c4374d2c
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
modules.d/99base/selinux-loadpolicy.sh
View File

@ -1,13 +1,24 @@
#!/bin/sh #!/bin/sh
# FIXME: load selinux policy. this should really be done after we switchroot # FIXME: load selinux policy. this should really be done after we switchroot
if [ -x "$NEWROOT/usr/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then
if [ -x "$NEWROOT/usr/sbin/load_policy" -o -x "$NEWROOT/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then
info "Loading SELinux policy"
{ {
chroot $NEWROOT /usr/sbin/load_policy -i 2>&1 chroot "$NEWROOT" /bin/mount -t selinuxfs selinuxfs /selinux
chroot "$NEWROOT" /bin/mount -t proc proc /proc

if [ -x "$NEWROOT/sbin/load_policy" ]; then
chroot "$NEWROOT" /sbin/load_policy -i 2>&1
else
chroot "$NEWROOT" /usr/sbin/load_policy -i 2>&1
fi

if [ $? -eq 3 ]; then if [ $? -eq 3 ]; then
warn "Initial SELinux policy load failed and enforcing mode requested." warn "Initial SELinux policy load failed and enforcing mode requested."
warn "Not continuing" warn "Not continuing"
sleep 100d sleep 100d
exit 1 exit 1
fi fi
chroot "$NEWROOT" /bin/umount /proc
} | vinfo } | vinfo
fi fi