From 0c9bd51b921669fc60693430ae98f9d7911a3908 Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@redhat.com>
Date: Thu, 13 Jul 2006 15:55:36 +0000
Subject: SELinux works now. - fix relabel call - allow 'noreadonlyroot' boot
 option

---
 rc.d/rc.sysinit | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

(limited to 'rc.d')

diff --git a/rc.d/rc.sysinit b/rc.d/rc.sysinit
index ba14702c..4f7aaa80 100755
--- a/rc.d/rc.sysinit
+++ b/rc.d/rc.sysinit
@@ -454,9 +454,7 @@ if strstr "$cmdline" readonlyroot ; then
 	READONLY=yes
 	[ -z "$RW_MOUNT" ] && RW_MOUNT=/var/lib/stateless/writable
 fi
-if [ "$READONLY" = "yes" -a -n "$SELINUX_STATE" ]; then
-	echo $"SELinux is not compatible with read-only root at this time."
-	echo $"Mounting read/write."
+if strstr "$cmdline" noreadonlyroot ; then
 	READONLY=no
 fi
 
@@ -487,9 +485,7 @@ if [ "$READONLY" = "yes" ]; then
 
 	# Common mount options for scratch space regardless of 
 	# type of backing store
-	if [ -n "$SELINUX_STATE" ]; then
-		mountopts="-o fscontext=system_u:object_r:fs_t:s0"
-	fi
+	mountopts=
 
 	# Scan partitions for local scratch storage
 	rw_mount_dev=$(blkid -t LABEL="$RW_LABEL" -o device | awk '{ print ; exit }')
@@ -521,7 +517,7 @@ if [ "$READONLY" = "yes" ]; then
 				*)
 					;;
 			esac
-			[ -n "$SELINUX_STATE" ] && restorecon -R "$1"
+			[ -n "$SELINUX_STATE" -a -e "$path" ] && restorecon -R "$path"
 		done
 	done
 
-- 
cgit v1.2.1