From 67162fda11a656c2568ffd75e24d379db1ea48a2 Mon Sep 17 00:00:00 2001
From: Konrad Lipinski
Date: Mon, 17 Jan 2022 14:22:41 +0100
Subject: [PATCH] Security upgrade: always set dummy_file mode/label

Prior to this commit, the script only changed the mode/label if the file has not existed before. If the script ever managed to touch the file and then got killed, the file's mode/label would never get properly adjusted when running the script again.

Change-Id: I707870eea9abb63ccf10e8c54fb3ca984e92196a
---
 upgrade/201.security_upgrade.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/upgrade/201.security_upgrade.sh b/upgrade/201.security_upgrade.sh
index 8aae085..7a7a2d9 100644
--- a/upgrade/201.security_upgrade.sh
+++ b/upgrade/201.security_upgrade.sh
@@ -29,9 +29,9 @@ sqlite3 /opt/dbspace/.policy.db "UPDATE prevent_list SET UID=$global_uid WHERE U
 if [ ! -e /opt/share/security-config/dummy_file ]
 then
 touch /opt/share/security-config/dummy_file
- chmod 600 /opt/share/security-config/dummy_file
- chsmack -a "_" /opt/share/security-config/dummy_file
 fi
+chmod 600 /opt/share/security-config/dummy_file
+chsmack -a "_" /opt/share/security-config/dummy_file

 # start cynara & security-manager
 systemctl start security-manager-rules-loader
-- 
2.34.1
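Review bot: With `chmod 600` and `chsmack -a "_"` moved below the `fi`, the script now changes mode and label on a path it may not have created, and nothing checks first that `/opt/share/security-config/dummy_file` is a regular file rather than a symlink or directory. `chmod` follows a symlink given as its operand, so if that directory is ever writable by anything less privileged than this script (not visible here), the mode change would land on the link target. A guard before the two commands, with `f` standing for the dummy_file path, would reject that case: `[ -f "$f" ] && [ ! -L "$f" ] || exit 1`. The exit status of both commands is also ignored before `systemctl start`, so a failed relabel goes unnoticed unless `set -e` is enabled earlier in the script, which lies outside this hunk; appending `|| exit 1` to each would make the failure explicit. Separately, `touch` still creates the file with the umask-derived mode before `chmod` tightens it, and a `umask 077` ahead of the `touch` would remove that window.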