From 80d5f7d27b5da8617d1058e2b5251a0a9076e507 Mon Sep 17 00:00:00 2001 From: Robin Johnson Date: Fri, 3 Dec 2010 23:49:34 -0600 Subject: fix selinux context for rc-svcdir (bug #347503) --- sh/init.sh.Linux.in | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/sh/init.sh.Linux.in b/sh/init.sh.Linux.in index f4f69737..0e581c10 100644 --- a/sh/init.sh.Linux.in +++ b/sh/init.sh.Linux.in @@ -6,6 +6,17 @@ # This basically mounts $RC_SVCDIR as a ramdisk. # The tricky part is finding something our kernel supports # tmpfs and ramfs are easy, so force one or the other. +svcdir_restorecon() +{ + local rc=0 + if [ -x /usr/sbin/selinuxenabled -a -c /selinux/null ] && + selinuxenabled; then + restorecon $RC_SVCDIR + rc=$? + fi + return $rc +} + mount_svcdir() { # mount from fstab if we can @@ -16,8 +27,12 @@ mount_svcdir() # Some buggy kernels report tmpfs even when not present :( if grep -Eq "[[:space:]]+tmpfs$" /proc/filesystems; then - mount -n -t tmpfs $fsopts,mode=755,size=${svcsize}k \ - rc-svcdir "$RC_SVCDIR" && return 0 + local tmpfsopts="${fsopts},mode=755,size=${svcsize}k" + mount -n -t tmpfs $tmpfsopts rc-svcdir "$RC_SVCDIR" + if [ $? -eq 0 ]; then + svcdir_restorecon + [ $? -eq 0 ] && return 0 + fi fi if grep -Eq "[[:space:]]+ramfs$" /proc/filesystems; then @@ -38,6 +53,10 @@ mount_svcdir() fi mount -n -t "$fs" $fsopts rc-svcdir "$RC_SVCDIR" + if [ $? -eq 0 ]; then + svcdir_restorecon + [ $? -eq 0 ] && return 0 + fi } . "$RC_LIBEXECDIR"/sh/functions.sh -- cgit v1.2.3