projects / platform / upstream / dracut.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8ec1562)
98selinux: use setenforce to force permissive mode
authorHarald Hoyer <harald@redhat.com>
Thu, 11 Aug 2011 09:29:50 +0000 (11:29 +0200)
committerHarald Hoyer <harald@redhat.com>
Thu, 11 Aug 2011 12:27:25 +0000 (14:27 +0200)
modules.d/98selinux/module-setup.sh patch | blob | history
modules.d/98selinux/selinux-loadpolicy.sh patch | blob | history

diff --git a/modules.d/98selinux/module-setup.sh b/modules.d/98selinux/module-setup.sh
index 316b552..78e8cf8 100755 (executable)
--- a/modules.d/98selinux/module-setup.sh
+++ b/modules.d/98selinux/module-setup.sh
@@ -12,5 +12,6 @@ depends() {
 
 install() {
     inst_hook pre-pivot 50 "$moddir/selinux-loadpolicy.sh"
+    dracut_install setenforce
 }
 
diff --git a/modules.d/98selinux/selinux-loadpolicy.sh b/modules.d/98selinux/selinux-loadpolicy.sh
index 9d4cac5..6eb1dbb 100755 (executable)
--- a/modules.d/98selinux/selinux-loadpolicy.sh
+++ b/modules.d/98selinux/selinux-loadpolicy.sh
@@ -42,7 +42,7 @@ rd_load_policy()
 
         if [ $ret -eq 0 -o $ret -eq 2 ]; then
             # If machine requires a relabel, force to permissive mode
-            [ -e "$NEWROOT"/.autorelabel ] && ( echo 0 > "$NEWROOT"/selinux/enforce )
+            [ -e "$NEWROOT"/.autorelabel ] && LANG=C /usr/sbin/setenforce 0
             mount --bind /dev "$NEWROOT/dev"
             LANG=C chroot "$NEWROOT" /sbin/restorecon -R /dev
             return 0
Domain: System / Base;