From 7800cc247e21727386d9985acdcf453391a7689c Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Mon, 15 Feb 2010 12:58:00 +0100
Subject: [PATCH] fix selinux disabled state

Execute load-policy when the config file contains SELINUX=disabled.
---
 modules.d/99base/selinux-loadpolicy.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/modules.d/99base/selinux-loadpolicy.sh b/modules.d/99base/selinux-loadpolicy.sh
index 5b91ee6..f3bacec 100755
--- a/modules.d/99base/selinux-loadpolicy.sh
+++ b/modules.d/99base/selinux-loadpolicy.sh
@@ -7,10 +7,11 @@ rd_load_policy()
     SELINUX="enforcing"
     [ -e "$NEWROOT/etc/selinux/config" ] && . "$NEWROOT/etc/selinux/config"
 
+    disabled=0
     # If SELinux is disabled exit now 
     getarg "selinux=0" > /dev/null
     if [ $? -eq 0 -o "$SELINUX" = "disabled" ]; then
-	return 0
+	disabled=1
     fi
 
     # Check whether SELinux is in permissive mode
@@ -36,6 +37,10 @@ rd_load_policy()
             fi
 	} 2>&1 | vinfo
 
+	if [ $disabled -eq 1 ]; then
+	    return 0;
+	fi
+
 	if [ $ret -eq 0 -o $ret -eq 2 ]; then
 	    # If machine requires a relabel, force to permissive mode
 	    [ -e "$NEWROOT"/.autorelabel ] && ( echo 0 > "$NEWROOT"/selinux/enforce )
-- 
2.7.4