diff options
Diffstat (limited to 'systemd/rhel-autorelabel')
-rwxr-xr-x | systemd/rhel-autorelabel | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/systemd/rhel-autorelabel b/systemd/rhel-autorelabel new file mode 100755 index 00000000..7cb9b40c --- /dev/null +++ b/systemd/rhel-autorelabel @@ -0,0 +1,41 @@ +#!/bin/bash +# +# Do automatic relabelling +# + +. /etc/init.d/functions + +relabel_selinux() { + # if /sbin/init is not labeled correctly this process is running in the + # wrong context, so a reboot will be required after relabel + AUTORELABEL= + . /etc/selinux/config + echo "0" > /sys/fs/selinux/enforce + [ -x /bin/plymouth ] && plymouth --hide-splash + + if [ "$AUTORELABEL" = "0" ]; then + echo + echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. " + echo $"*** /etc/selinux/config indicates you want to manually fix labeling" + echo $"*** problems. Dropping you to a shell; the system will reboot" + echo $"*** when you leave the shell." + sulogin + + else + echo + echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required." + echo $"*** Relabeling could take a very long time, depending on file" + echo $"*** system size and speed of hard drives." + + FORCE=`cat /.autorelabel` + /sbin/fixfiles $FORCE restore > /dev/null 2>&1 + fi + rm -f /.autorelabel + systemctl --force reboot +} + +# Check to see if a full relabel is needed +if [ "$READONLY" != "yes" ]; then + restorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1 + relabel_selinux +fi |