diff options
| author | Bill Nottingham <notting@redhat.com> | 2004-08-25 19:02:43 +0000 |
|---|---|---|
| committer | Bill Nottingham <notting@redhat.com> | 2004-08-25 19:02:43 +0000 |
| commit | 477d822d19447d8f34cd6b9c2457aef2f17dbe51 (patch) | |
| tree | 88d3fa239b32b3b0fb3e5a6b81eee06bf16b3c94 | |
| parent | 97e5abb493f4703585000fd52dff33fe3fc1d528 (diff) | |
| download | initscripts-477d822d19447d8f34cd6b9c2457aef2f17dbe51.tar initscripts-477d822d19447d8f34cd6b9c2457aef2f17dbe51.tar.gz initscripts-477d822d19447d8f34cd6b9c2457aef2f17dbe51.tar.bz2 initscripts-477d822d19447d8f34cd6b9c2457aef2f17dbe51.tar.xz initscripts-477d822d19447d8f34cd6b9c2457aef2f17dbe51.zip | |
do a SELinux relabel if forced
| -rwxr-xr-x | rc.d/rc.sysinit | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/rc.d/rc.sysinit b/rc.d/rc.sysinit index c726784e..69e429d6 100755 --- a/rc.d/rc.sysinit +++ b/rc.d/rc.sysinit @@ -53,6 +53,24 @@ disable_selinux() { echo "0" > $selinuxfs/enforce } +relabel_selinux() { + echo " + *** Warning -- SELinux relabel is required. *** + *** Disabling security enforcement. *** + *** Relabeling could take a very long time, *** + *** depending on file system size. *** + " + echo "0" > $selinuxfs/enforce + mount -n -o remount,rw / + mount -a + /sbin/fixfiles -F relabel > /dev/null 2>&1 + rm -f /.autorelabel + mount -n -o remount,ro / + umount -a + echo "*** Enabling security enforcement. ***" + echo $SELINUX > $selinuxfs/enforce +} + . /etc/init.d/functions @@ -333,6 +351,10 @@ if [ -z "$fastboot" -a "$READONLY" != "yes" -a "X$ROOTFSTYPE" != "Xnfs" -a "X$RO _RUN_QUOTACHECK=1 fi fi +# +# Check to see if SELinux requires a relabel +# +[ -n "$SELINUX" ] && [ -f /.autorelabel ] && relabel_selinux # Unmount the initrd, if necessary if LC_ALL=C fgrep -q /initrd /proc/mounts && ! LC_ALL=C fgrep -q /initrd/loopfs /proc/mounts ; then |