Previously, system using systemd would label selinux contexts on first
boot. While system using sysvinit would label during build. Add a
variable FIRST_BOOT_RELABEL as a switch to control labeling to make the
behavior of sysvinit and systemd consistent.
Set FIRST_BOOT_RELABEL to 1 in local.conf to enable labeling on first
boot.
Signed-off-by: Yi Zhao <yi.z...@windriver.com>
---
recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
b/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
index a919445..9fd066c 100644
--- a/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
+++ b/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
@@ -20,7 +20,7 @@ INITSCRIPT_PARAMS = "start 01 S ."
require selinux-initsh.inc
do_install:append() {
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
d)}; then
- echo "# first boot relabelling" > ${D}/.autorelabel
- fi
+ if ${@bb.utils.contains('FIRST_BOOT_RELABEL', '1', 'true', 'false', d)};
then
+ echo "# first boot relabelling" > ${D}/.autorelabel
+ fi
}
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#61071): https://lists.yoctoproject.org/g/yocto/message/61071
Mute This Topic: https://lists.yoctoproject.org/mt/101514280/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
