diff options
Diffstat (limited to 'systemd/fedora-readonly')
-rwxr-xr-x | systemd/fedora-readonly | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/systemd/fedora-readonly b/systemd/fedora-readonly index 4e8003a2..0690cd45 100755 --- a/systemd/fedora-readonly +++ b/systemd/fedora-readonly @@ -16,6 +16,12 @@ if [ -e "/sys/fs/selinux/enforce" ] && [ "$(cat /proc/self/attr/current)" != "ke fi fi +selinux_fixup() { + if [ -n "$SELINUX_STATE" ] && [ -e "$1" ]; then + restorecon -R "$1" + fi +} + # Only read this once. [ -z "${cmdline}" ] && cmdline=$(cat /proc/cmdline) @@ -75,7 +81,7 @@ if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then mount -n -t tmpfs $RW_OPTIONS $mountopts none "$RW_MOUNT" fi - for file in /etc/rwtab /etc/rwtab.d/* /dev/.initramfs/rwtab ; do + for file in /etc/rwtab /etc/rwtab.d/* /run/initramfs/rwtab ; do is_ignored_file "$file" && continue [ -f $file ] && cat $file | while read type path ; do case "$type" in @@ -91,12 +97,12 @@ if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then *) ;; esac - [ -n "$SELINUX_STATE" ] && [ -e "$path" ] && restorecon -R "$path" + selinux_fixup "$path" done done # Use any state passed by initramfs - [ -d /dev/.initramfs/state ] && cp -a /dev/.initramfs/state/* $RW_MOUNT + [ -d /run/initramfs/state ] && cp -a /run/initramfs/state/* $RW_MOUNT # In theory there should be no more than one network interface active # this early in the boot process -- the one we're booting from. @@ -153,14 +159,14 @@ if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then for path in $(grep -v "^#" "$file" 2>/dev/null); do mount_state "$path" - [ -n "$SELINUX_STATE" ] && [ -e "$path" ] && restorecon -R "$path" + selinux_fixup "$path" done done if [ -f "$STATE_MOUNT/files" ] ; then for path in $(grep -v "^#" "$STATE_MOUNT/files" 2>/dev/null); do mount_state "$path" - [ -n "$SELINUX_STATE" ] && [ -e "$path" ] && restorecon -R "$path" + selinux_fixup "$path" done fi fi |