From f156bc995b45e8242b8d5e851f988ecdb5505261 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Tue, 2 Mar 2021 16:52:05 +0800 Subject: initscripts: restore security contexts after running populate-volatile.sh Some directories are created by populate-volatile.sh. We need to restore their security contexts. Before the patch: $ ls -dZ /tmp /var/tmp /var/lock /var/run system_u:object_r:root_t /tmp system_u:object_r:var_t /var/lock system_u:object_r:var_t /var/run system_u:object_r:var_t /var/tmp After the patch: $ ls -dZ /tmp /var/tmp /var/lock /var/run system_u:object_r:tmp_t /tmp system_u:object_r:var_lock_t /var/lock system_u:object_r:var_run_t /var/run system_u:object_r:tmp_t /var/tmp Signed-off-by: Yi Zhao Signed-off-by: Joe MacDonald --- recipes-core/initscripts/initscripts-1.0_selinux.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-core/initscripts/initscripts-1.0_selinux.inc b/recipes-core/initscripts/initscripts-1.0_selinux.inc index 6e8a9b6..bf798e7 100644 --- a/recipes-core/initscripts/initscripts-1.0_selinux.inc +++ b/recipes-core/initscripts/initscripts-1.0_selinux.inc @@ -4,7 +4,7 @@ do_install_append () { cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh touch /var/log/lastlog test ! -x /sbin/restorecon || /sbin/restorecon -iRF /var/volatile/ /var/lib /run \ - /etc/resolv.conf /etc/adjtime + /etc/resolv.conf /etc/adjtime /tmp /var/tmp /var/log /var/lock /var/run EOF sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon || /sbin/restorecon -iRF /run' \ ${D}${sysconfdir}/init.d/checkroot.sh -- cgit v1.2.3-54-g00ecf