From edbe224afa7d6fe5a9cfccb1b49e661d364a5a01 Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@redhat.com>
Date: Tue, 29 Jun 2010 12:53:37 -0400
Subject: Don't directly execute bash for single-user mode, as that has SELinux
 issues. (#540216, #584443, #585053)

If upstart directly runs bash for single-user mode, there's no way for
SELinux to set the proper context (to distinguish it from other init scripts).
Inserting a helper binary in the way allows for this.

While we're changing this, we make it configurable so it's easily possible
for people to use sulogin if they so desire.
---
 src/sushell   |  5 +++++
 src/sushell.8 | 16 ++++++++++++++++
 2 files changed, 21 insertions(+)
 create mode 100755 src/sushell
 create mode 100644 src/sushell.8

(limited to 'src')

diff --git a/src/sushell b/src/sushell
new file mode 100755
index 00000000..7d969416
--- /dev/null
+++ b/src/sushell
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+[ -z "$SUSHELL" ] && SUSHELL=/bin/bash
+
+exec $SUSHELL
diff --git a/src/sushell.8 b/src/sushell.8
new file mode 100644
index 00000000..9832a732
--- /dev/null
+++ b/src/sushell.8
@@ -0,0 +1,16 @@
+.TH SUSHELL 8 "Red Hat, Inc" \" -*- nroff -*-
+.SH NAME
+sushell \- execute the single-user shell
+.SH SYNOPSIS
+.B sushell
+.SH DESCRIPTION
+.B sushell
+executes the single-user shell. By default, this is
+\fI/bin/bash\fP
+This can be configured via the
+.B SUSHELL
+environment variable.
+.SH NOTES
+.B sushell
+is an implementation detail, required for proper SELinux
+usage. It is not intended to be run regularly.
-- 
cgit v1.2.1