aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh')
-rw-r--r--recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh25
1 files changed, 25 insertions, 0 deletions
diff --git a/recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh b/recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh
new file mode 100644
index 0000000..25b6921
--- /dev/null
+++ b/recipes-security/selinux-scripts/selinux-autorelabel/selinux-autorelabel.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+/usr/sbin/selinuxenabled 2>/dev/null || exit 0
+
+FIXFILES=/sbin/fixfiles
+SETENFORCE=/usr/sbin/setenforce
+
+for i in ${FIXFILES} ${SETENFORCE}; do
+ test -x $i && continue
+ echo "$i is missing in the system."
+ echo "Please add \"selinux=0\" in the kernel command line to disable SELinux."
+ exit 1
+done
+
+# If /.autorelabel placed, the whole file system should be relabeled
+if [ -f /.autorelabel ]; then
+ echo "SELinux: /.autorelabel placed, filesystem will be relabeled..."
+ ${SETENFORCE} 0
+ ${FIXFILES} -F -f relabel
+ /bin/rm -f /.autorelabel
+ echo " * Relabel done, rebooting the system."
+ /sbin/reboot
+fi
+
+exit 0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-04 15:07:35 +0000