Home Explore Help
Register Sign In
OWEALs
/
procd
mirror of https://git.openwrt.org/project/procd.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

init: only relabel rootfs if started from initramfs

Do not relabel all the filesystem if not running from initramfs, it
should only be needed in this case.
Read-write (ext4) labels should be set when generating the filesystem
just like it's done for squashfs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle 1 year ago
parent
557c98e296
commit
7a00968535
1 changed files with 4 additions and 3 deletions
Split View Show Diff Stats
  1. 4 3
      initd/init.c

+ 4 - 3
initd/init.c
View File 

@@ -80,14 +80,15 @@ selinux(char **argv)
 
 	int ret;
 
 	int enforce = selinux_status_getenforce();
 
 
+	/* is SELinux already initialized? */
 
 	if (getenv("SELINUX_INIT")) {
 
-		/* SELinux already initialized */
 
-		if (getenv("SELINUX_RESTORECON")) {
 
+		/* have initramfs permissions already been restored? */
 
+		if (!getenv("INITRAMFS") || getenv("SELINUX_RESTORECON")) {
 
 			unsetenv("SELINUX_INIT");
 
 			unsetenv("SELINUX_RESTORECON");
 
 			return 0;
 
 		}
 
-		/* Second call: restore filesystem labels */
 
+		/* Second call (initramfs only): restore filesystem labels */
 
 		const char *exclude_list[] = { "/dev/console", "/proc", "/sys", 0 };
 
 		selinux_restorecon_set_exclude_list(exclude_list);
 
 		ret = selinux_restorecon("/", SELINUX_RESTORECON_RECURSE | SELINUX_RESTORECON_MASS_RELABEL);