shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-08-24 09:49:49 +03:00
Code Activity

selinux: check PID 1 label instead of /selinux mount point to figure out if selinux is already initialized

Browse Source
This commit is contained in:
Lennart Poettering
2011-07-25 21:59:05 +02:00
parent 871e580949
commit 0843f2d65e
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/selinux-setup.c
View File

@ -38,11 +38,18 @@ int selinux_setup(char *const argv[]) {
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
int enforce = 0; int enforce = 0;
usec_t n; usec_t n;
security_context_t con;
/* Already initialized? */ /* Already initialized? */
if (path_is_mount_point("/sys/fs/selinux") > 0 || if (getcon_raw(&con) == 0) {
path_is_mount_point("/selinux") > 0) bool initialized;
return 0;
initialized = !streq(con, "kernel");
freecon(con);
if (initialized)
return 0;
}
/* Before we load the policy we create a flag file to ensure /* Before we load the policy we create a flag file to ensure
* that after the reexec we iterate through /run and /dev to * that after the reexec we iterate through /run and /dev to