setfiles consistently
Working on host systems without selinux, where the guest image does have selinux, creates a situation where the instance will have about a 1 minute delay on first boot because it must relabel. The previous check for sysfs assumes that the host system has selinux, which is not needed for the guest setfiles to work. Change-Id: Ic186a45991b6d80880ad635e9c80985612f53a05 Closes-bug: 1414200
This commit is contained in:
parent
cde4cef215
commit
9009b18869
@ -3,8 +3,7 @@
|
|||||||
set -eux
|
set -eux
|
||||||
set -o pipefail
|
set -o pipefail
|
||||||
|
|
||||||
if [ -d /sys/fs/selinux -a /etc/selinux/targeted/contexts/files/file_context\
|
if [ -e /etc/selinux/targeted/contexts/files/file_contexts -a -x /usr/sbin/setfiles ]; then
|
||||||
s -a -x /usr/sbin/setfiles ]; then
|
|
||||||
# Without fixing selinux file labels, sshd will run in the kernel_t domain
|
# Without fixing selinux file labels, sshd will run in the kernel_t domain
|
||||||
# instead of the sshd_t domain, making ssh connections fail with
|
# instead of the sshd_t domain, making ssh connections fail with
|
||||||
# "Unable to get valid context for <user>" error message
|
# "Unable to get valid context for <user>" error message
|
||||||
|
Loading…
x
Reference in New Issue
Block a user