| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
In policycoreutils-2.13+, restorecon changes its default behaviour,
and does not restore context if the file' type is correct, even its
mcs/mls level is incorrect.
We should force it always to restore file contexts in initscripts to
avoid issues.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is needed to build policy modules outside of the refpolicy.
Policy module build systems need to determine the name of the policy
that will be in effect on the target host. This allows them to
locate the policy headers that will be under
$sysroot/usr/share/selinux/$name/include. Given that there *could*
be more than one policy installed in the sysroot we can't assume
that the policy installed there is the only policy to build against.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
| |
Fix the hard-coded security type for /dev/null and /dev/console.
Check rootfs if support xattrs before do relabel.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This script will be installed as 0selinux-init, in runlevel S and
sequence number 0. It will start before any other init script.
* relabel /dev for restorecon/fixfiles running
* rebuild policy and relabel the rootfs if /.autorelabel placed.
* relabel the rootfs if it is first booting.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
|
|
Now, the default policy is "mls".
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
