diff options
author | Bill Nottingham <notting@redhat.com> | 2010-06-03 16:38:18 -0400 |
---|---|---|
committer | Bill Nottingham <notting@redhat.com> | 2010-06-03 16:39:30 -0400 |
commit | a015e20b11978ff171f7e2997c9ae44616b3ec54 (patch) | |
tree | 6b74d7f0d3b2cb018208fc95941be2c65d16e89c /rc.d/rc.sysinit | |
parent | d48be5566a8e12d494931332f4d3965ac9d704e4 (diff) | |
download | initscripts-a015e20b11978ff171f7e2997c9ae44616b3ec54.tar initscripts-a015e20b11978ff171f7e2997c9ae44616b3ec54.tar.gz initscripts-a015e20b11978ff171f7e2997c9ae44616b3ec54.tar.bz2 initscripts-a015e20b11978ff171f7e2997c9ae44616b3ec54.tar.xz initscripts-a015e20b11978ff171f7e2997c9ae44616b3ec54.zip |
Always reboot on autorelabel. (#595823)
It's not just init that could be mislabeled and cause problems;
there's udev, random other command from rc.sysinit, etc. Furthermore,
this avoids a problem with ending up in permissive mode.
Diffstat (limited to 'rc.d/rc.sysinit')
-rwxr-xr-x | rc.d/rc.sysinit | 28 |
1 files changed, 9 insertions, 19 deletions
diff --git a/rc.d/rc.sysinit b/rc.d/rc.sysinit index a7e8bfad..262c06c1 100755 --- a/rc.d/rc.sysinit +++ b/rc.d/rc.sysinit @@ -56,43 +56,33 @@ disable_selinux() { relabel_selinux() { # if /sbin/init is not labeled correctly this process is running in the # wrong context, so a reboot will be required after relabel - REBOOTFLAG=$(restorecon -v /sbin/init) AUTORELABEL= . /etc/selinux/config - if [ "$AUTORELABEL" = "0" ]; then - rm -f /.autorelabel + echo "0" > /selinux/enforce + [ -n "$PLYMOUTH" ] && plymouth --hide-splash - [ -n "$PLYMOUTH" ] && plymouth --hide-splash + if [ "$AUTORELABEL" = "0" ]; then echo echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. " echo $"*** /etc/selinux/config indicates you want to manually fix labeling" echo $"*** problems. Dropping you to a shell; the system will reboot" echo $"*** when you leave the shell." - echo "0" > /selinux/enforce sulogin - echo $"Unmounting file systems" - umount -a - mount -n -o remount,ro / - echo $"Automatic reboot in progress." - reboot -f else - [ -n "$PLYMOUTH" ] && plymouth --hide-splash echo echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required." echo $"*** Relabeling could take a very long time, depending on file" echo $"*** system size and speed of hard drives." - echo "0" > /selinux/enforce /sbin/fixfiles -F restore > /dev/null 2>&1 - rm -f /.autorelabel - if [ ! -z "$REBOOTFLAG" ]; then - echo $"Automatic reboot in progress." - reboot -f - fi - echo $SELINUX_STATE > /selinux/enforce - [ -n "$PLYMOUTH" ] && plymouth --show-splash fi + rm -f /.autorelabel + echo $"Unmounting file systems" + umount -a + mount -n -o remount,ro / + echo $"Automatic reboot in progress." + reboot -f } key_is_random() { |