diskimage-builder/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore

16 lines
586 B
Text
Raw Normal View History

#!/bin/bash
set -eux
set -o pipefail
if [ -e /etc/selinux/targeted/contexts/files/file_contexts -a -x /usr/sbin/setfiles ]; then
# Without fixing selinux file labels, sshd will run in the kernel_t domain
# instead of the sshd_t domain, making ssh connections fail with
# "Unable to get valid context for <user>" error message
setfiles /etc/selinux/targeted/contexts/files/file_contexts /
else
echo "Skipping SELinux relabel, since setfiles is not available."
echo "Touching /.autorelabel to schedule a relabel when the image boots."
touch /.autorelabel
fi