be68ccafef
With rpm-ostree, /var/ directory doesn't contain any file, just directories. It means that SELinux policy can't be managed or rebuilt and users have to use only the default policy. This update adds /usr/share/selinux/POLICYTYPE/default directory and selinux-factory-reset service. /var/lib/selinux/POLICYTYPE/active selinux-reset-policy
18 lines
322 B
Bash
Executable File
18 lines
322 B
Bash
Executable File
#!/bin/bash
|
|
|
|
if [ ! -f /etc/selinux/config ]; then
|
|
SELINUXTYPE=none
|
|
else
|
|
source /etc/selinux/config
|
|
fi
|
|
|
|
cp -R --preserve=mode,ownership,timestamps,links /usr/share/selinux/$1/default/* /var/lib/selinux/$1
|
|
|
|
if selinuxenabled; then
|
|
semodule -B -n
|
|
|
|
if [ "$1" = "$SELINUXTYPE" ]; then
|
|
reboot
|
|
fi
|
|
fi
|