From 9009b188698740e89be4ece69ec5d4ef95b4cf5f Mon Sep 17 00:00:00 2001 From: Abel Lopez Date: Fri, 23 Jan 2015 15:10:55 -0800 Subject: [PATCH] setfiles consistently Working on host systems without selinux, where the guest image does have selinux, creates a situation where the instance will have about a 1 minute delay on first boot because it must relabel. The previous check for sysfs assumes that the host system has selinux, which is not needed for the guest setfiles to work. Change-Id: Ic186a45991b6d80880ad635e9c80985612f53a05 Closes-bug: 1414200 --- elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore b/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore index db5b6695a..8e8adf2fa 100755 --- a/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore +++ b/elements/rpm-distro/finalise.d/11-selinux-fixfiles-restore @@ -3,8 +3,7 @@ set -eux set -o pipefail -if [ -d /sys/fs/selinux -a /etc/selinux/targeted/contexts/files/file_context\ -s -a -x /usr/sbin/setfiles ]; then +if [ -e /etc/selinux/targeted/contexts/files/file_contexts -a -x /usr/sbin/setfiles ]; then # Without fixing selinux file labels, sshd will run in the kernel_t domain # instead of the sshd_t domain, making ssh connections fail with # "Unable to get valid context for " error message