From bddb8498736b32c124d957748f6a735db65eb51e Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@redhat.com>
Date: Thu, 20 Aug 2009 14:32:02 -0400
Subject: /selinux is not configurable. Don't pretend it is (fixes #518164)

---
 rc.d/rc.sysinit | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

(limited to 'rc.d')

diff --git a/rc.d/rc.sysinit b/rc.d/rc.sysinit
index fbd443c4..f20c7d45 100755
--- a/rc.d/rc.sysinit
+++ b/rc.d/rc.sysinit
@@ -32,11 +32,10 @@ PLYMOUTH=
 [ -x /usr/bin/plymouth ] && PLYMOUTH=yes
 
 # Check SELinux status
-selinuxfs="$(fstab_decode_str $(LC_ALL=C awk '/ selinuxfs / { print $2 }' /proc/mounts))"
 SELINUX_STATE=
-if [ -n "$selinuxfs" ] && [ "$(cat /proc/self/attr/current)" != "kernel" ]; then
-	if [ -r "$selinuxfs/enforce" ] ; then
-		SELINUX_STATE=$(cat "$selinuxfs/enforce")
+if [ -e "/selinux/enforce" ] && [ "$(cat /proc/self/attr/current)" != "kernel" ]; then
+	if [ -r "/selinux/enforce" ] ; then
+		SELINUX_STATE=$(cat "/selinux/enforce")
 	else
 		# assume enforcing if you can't read it
 		SELINUX_STATE=1
@@ -51,7 +50,7 @@ disable_selinux() {
 	echo $"*** Warning -- SELinux is active"
 	echo $"*** Disabling security enforcement for system recovery."
 	echo $"*** Run 'setenforce 1' to reenable."
-	echo "0" > "$selinuxfs/enforce"
+	echo "0" > "/selinux/enforce"
 }
 
 relabel_selinux() {
@@ -69,7 +68,7 @@ relabel_selinux() {
  	echo $"*** /etc/selinux/config indicates you want to manually fix labeling"
  	echo $"*** problems. Dropping you to a shell; the system will reboot"
  	echo $"*** when you leave the shell."
- 	echo "0" > $selinuxfs/enforce
+ 	echo "0" > /selinux/enforce
  	sulogin
  
  	echo $"Unmounting file systems"
@@ -84,14 +83,14 @@ relabel_selinux() {
  	echo $"*** Relabeling could take a very long time, depending on file"
  	echo $"*** system size and speed of hard drives."
  
- 	echo "0" > $selinuxfs/enforce
+ 	echo "0" > /selinux/enforce
 	/sbin/fixfiles -F restore > /dev/null 2>&1
  	rm -f  /.autorelabel 
  	if [ ! -z "$REBOOTFLAG" ]; then 
  	    echo $"Automatic reboot in progress."
  	    reboot -f
  	fi
- 	echo $SELINUX_STATE > $selinuxfs/enforce
+ 	echo $SELINUX_STATE > /selinux/enforce
 	[ -n "$PLYMOUTH" ] && plymouth --show-splash 
     fi
 }
@@ -400,9 +399,9 @@ elif [ -f /.autofsck ]; then
 		echo $"*** Warning -- the system did not shut down cleanly. "
 		echo $"*** Dropping you to a shell; the system will continue"
 		echo $"*** when you leave the shell."
-		[ -n "$SELINUX_STATE" ] && echo "0" > $selinuxfs/enforce
+		[ -n "$SELINUX_STATE" ] && echo "0" > /selinux/enforce
 		sulogin
-		[ -n "$SELINUX_STATE" ] && echo "1" > $selinuxfs/enforce
+		[ -n "$SELINUX_STATE" ] && echo "1" > /selinux/enforce
 		[ -n "$PLYMOUTH" ] && plymouth --show-splash 
 	fi
 	fsckoptions="$AUTOFSCK_OPT $fsckoptions"
-- 
cgit v1.2.1