7514fc066f
Hard coded path fails on Distros (such as el6) with setfiles bin in different places, for example, rhel6 has this in /sbin/setfiles Change-Id: I7aff9cdadd9aed9cfc806a1010acbf36b7b6d0e7
19 lines
661 B
Bash
Executable File
19 lines
661 B
Bash
Executable File
#!/bin/bash
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
SETFILES=$(which setfiles)
|
|
if [ -e /etc/selinux/targeted/contexts/files/file_contexts -a -x "${SETFILES}" ]; then
|
|
# Without fixing selinux file labels, sshd will run in the kernel_t domain
|
|
# instead of the sshd_t domain, making ssh connections fail with
|
|
# "Unable to get valid context for <user>" error message
|
|
setfiles /etc/selinux/targeted/contexts/files/file_contexts /
|
|
else
|
|
echo "Skipping SELinux relabel, since setfiles is not available."
|
|
echo "Touching /.autorelabel to schedule a relabel when the image boots."
|
|
touch /.autorelabel
|
|
fi
|