1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
|
#!/bin/bash
#
# fsck, mount, set quotas, and relabel filesystems.
#
. /etc/init.d/functions
PLYMOUTH=
[ -x /usr/bin/plymouth ] && PLYMOUTH=yes
# Check SELinux status
SELINUX_STATE=
if [ -e "/selinux/enforce" ] && [ "$(cat /proc/self/attr/current)" != "kernel" ]; then
if [ -r "/selinux/enforce" ] ; then
SELINUX_STATE=$(cat "/selinux/enforce")
else
# assume enforcing if you can't read it
SELINUX_STATE=1
fi
fi
disable_selinux() {
echo $"*** Warning -- SELinux is active"
echo $"*** Disabling security enforcement for system recovery."
echo $"*** Run 'setenforce 1' to reenable."
echo "0" > "/selinux/enforce"
}
relabel_selinux() {
# if /sbin/init is not labeled correctly this process is running in the
# wrong context, so a reboot will be required after relabel
AUTORELABEL=
. /etc/selinux/config
echo "0" > /selinux/enforce
[ -n "$PLYMOUTH" ] && plymouth --hide-splash
if [ "$AUTORELABEL" = "0" ]; then
echo
echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. "
echo $"*** /etc/selinux/config indicates you want to manually fix labeling"
echo $"*** problems. Dropping you to a shell; the system will reboot"
echo $"*** when you leave the shell."
sulogin
else
echo
echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required."
echo $"*** Relabeling could take a very long time, depending on file"
echo $"*** system size and speed of hard drives."
/sbin/fixfiles -F restore > /dev/null 2>&1
fi
rm -f /.autorelabel
echo $"Unmounting file systems"
umount -a
mount -n -o remount,ro /
echo $"Automatic reboot in progress."
reboot -f
}
[ -z "${cmdline}" ] && cmdline=$(cat /proc/cmdline)
if [ -f /fastboot ] || strstr "$cmdline" fastboot ; then
fastboot=yes
fi
if [ -f /fsckoptions ]; then
fsckoptions=$(cat /fsckoptions)
fi
if [ -f /forcefsck ] || strstr "$cmdline" forcefsck ; then
fsckoptions="-f $fsckoptions"
elif [ -f /.autofsck ]; then
[ -f /etc/sysconfig/autofsck ] && . /etc/sysconfig/autofsck
if [ "$AUTOFSCK_DEF_CHECK" = "yes" ]; then
AUTOFSCK_OPT="$AUTOFSCK_OPT -f"
fi
if [ -n "$AUTOFSCK_SINGLEUSER" ]; then
[ -n "$PLYMOUTH" ] && plymouth --hide-splash
echo
echo $"*** Warning -- the system did not shut down cleanly. "
echo $"*** Dropping you to a shell; the system will continue"
echo $"*** when you leave the shell."
[ -n "$SELINUX_STATE" ] && echo "0" > /selinux/enforce
sulogin
[ -n "$SELINUX_STATE" ] && echo "1" > /selinux/enforce
[ -n "$PLYMOUTH" ] && plymouth --show-splash
fi
fsckoptions="$AUTOFSCK_OPT $fsckoptions"
fi
if [ "$BOOTUP" = "color" ]; then
fsckoptions="-C $fsckoptions"
else
fsckoptions="-V $fsckoptions"
fi
READONLY=
if [ -f /etc/sysconfig/readonly-root ]; then
. /etc/sysconfig/readonly-root
fi
if strstr "$cmdline" readonlyroot ; then
READONLY=yes
[ -z "$RW_MOUNT" ] && RW_MOUNT=/var/lib/stateless/writable
[ -z "$STATE_MOUNT" ] && STATE_MOUNT=/var/lib/stateless/state
fi
if strstr "$cmdline" noreadonlyroot ; then
READONLY=no
fi
if [[ " $fsckoptions" != *" -y"* ]]; then
fsckoptions="-a $fsckoptions"
fi
_RUN_QUOTACHECK=0
if strstr "$cmdline" forcequotacheck || [ -f /forcequotacheck ] ; then
_RUN_QUOTACHECK=1
fi
if [ -z "$fastboot" -a "$READONLY" != "yes" ]; then
STRING=$"Checking filesystems"
echo $STRING
fsck -T -t noopts=_netdev -A $fsckoptions
rc=$?
if [ "$rc" -eq "0" ]; then
success "$STRING"
echo
elif [ "$rc" -eq "1" ]; then
passed "$STRING"
echo
elif [ "$rc" -eq "2" -o "$rc" -eq "3" ]; then
echo $"Unmounting file systems"
umount -a
mount -n -o remount,ro /
echo $"Automatic reboot in progress."
reboot -f
fi
# A return of 4 or higher means there were serious problems.
if [ $rc -gt 1 ]; then
[ -n "$PLYMOUTH" ] && plymouth --hide-splash
failure "$STRING"
echo
echo
echo $"*** An error occurred during the file system check."
echo $"*** Dropping you to a shell; the system will reboot"
echo $"*** when you leave the shell."
str=$"(Repair filesystem)"
PS1="$str \# # "; export PS1
[ "$SELINUX_STATE" = "1" ] && disable_selinux
sulogin
echo $"Unmounting file systems"
umount -a
mount -n -o remount,ro /
echo $"Automatic reboot in progress."
reboot -f
elif [ "$rc" -eq "1" ]; then
_RUN_QUOTACHECK=1
fi
fi
remount_needed() {
local state oldifs
[ "$READONLY" = "yes" ] && return 1
state=$(LC_ALL=C awk '/ \/ / && ($3 !~ /rootfs/) { print $4 }' /proc/mounts)
oldifs=$IFS
IFS=","
for opt in $state ; do
if [ "$opt" = "rw" ]; then
IFS=$oldifs
return 1
fi
done
IFS=$oldifs
return 0
}
# Remount the root filesystem read-write.
update_boot_stage RCmountfs
if remount_needed ; then
action $"Remounting root filesystem in read-write mode: " mount -n -o remount,rw /
fi
# Clean up SELinux labels
if [ -n "$SELINUX_STATE" ]; then
restorecon /etc/mtab /etc/ld.so.cache /etc/blkid/blkid.tab /etc/resolv.conf >/dev/null 2>&1
fi
# If relabeling, relabel mount points.
if [ -n "$SELINUX_STATE" -a "$READONLY" != "yes" ]; then
if strstr "$cmdline" autorelabel || [ -f /.autorelabel ] ; then
restorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1
fi
fi
if [ "$READONLY" != "yes" ] ; then
# Clear mtab
(> /etc/mtab) &> /dev/null
# Remove stale backups
rm -f /etc/mtab~ /etc/mtab~~
# Enter mounted filesystems into /etc/mtab
mount -f /
mount -f /proc >/dev/null 2>&1
mount -f /sys >/dev/null 2>&1
mount -f /dev/pts >/dev/null 2>&1
mount -f /dev/shm >/dev/null 2>&1
mount -f /proc/bus/usb >/dev/null 2>&1
fi
# Mount all other filesystems (except for NFS and /proc, which is already
# mounted). Contrary to standard usage,
# filesystems are NOT unmounted in single user mode.
if [ "$READONLY" != "yes" ] ; then
action $"Mounting local filesystems: " mount -a -t nonfs,nfs4,smbfs,ncpfs,cifs,gfs,gfs2 -O no_netdev
else
action $"Mounting local filesystems: " mount -a -n -t nonfs,nfs4,smbfs,ncpfs,cifs,gfs,gfs2 -O no_netdev
fi
# Update quotas if necessary
if [ X"$_RUN_QUOTACHECK" = X1 ] && [ -x /sbin/quotacheck ]; then
action $"Checking local filesystem quotas: " /sbin/quotacheck -anug
fi
if [ -x /sbin/quotaon ]; then
action $"Enabling local filesystem quotas: " /sbin/quotaon -aug
fi
# Check to see if a full relabel is needed
if [ -n "$SELINUX_STATE" -a "$READONLY" != "yes" ]; then
if strstr "$cmdline" autorelabel || [ -f /.autorelabel ] ; then
relabel_selinux
fi
else
if [ "$READONLY" != "yes" ] && [ -d /etc/selinux ]; then
[ -f /.autorelabel ] || touch /.autorelabel
fi
fi
|
