| xf.li | 8611891 | 2025-03-19 20:07:27 -0700 | [diff] [blame^] | 1 | #!/bin/sh |
| 2 | |
| 3 | /usr/sbin/selinuxenabled 2>/dev/null || exit 0 |
| 4 | |
| 5 | CHCON=/usr/bin/chcon |
| 6 | MATCHPATHCON=/usr/sbin/matchpathcon |
| 7 | RESTORECON=/sbin/restorecon |
| 8 | |
| 9 | mkdir -p /dev/socket -m 777 |
| 10 | for i in ${CHCON} ${MATCHPATHCON} ${RESTORECON}; do |
| 11 | test -x $i && continue |
| 12 | echo "$i is missing in the system." |
| 13 | echo "Please add \"selinux=0\" in the kernel command line to disable SELinux." |
| 14 | exit 1 |
| 15 | done |
| 16 | |
| 17 | # Because /dev/console is not relabeled by kernel, many commands |
| 18 | # would can not use it, including restorecon. |
| 19 | ${CHCON} -t `${MATCHPATHCON} -n /dev/null | cut -d: -f3` /dev/null |
| 20 | ${CHCON} -t `${MATCHPATHCON} -n /dev/console | cut -d: -f3` /dev/console |
| 21 | |
| 22 | # Now, we should relabel /dev for most services. |
| 23 | mkdir -p /dev/socket -m 777 |
| 24 | ${RESTORECON} -RF /dev |
| 25 | |
| 26 | exit 0 |