diff options
author | David Howells <dhowells@redhat.com> | 2010-04-26 14:54:17 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2010-04-26 14:54:17 +0100 |
commit | 29e362556ed15e8504b61dc8f3a9100140b41432 (patch) | |
tree | 3916a79bdff38a8e91b094f3439d8921f8ac8550 | |
parent | b1351143e36132b816bcaf4fbda00e01ee025eaf (diff) | |
download | cachefilesd-29e362556ed15e8504b61dc8f3a9100140b41432.tar.gz |
SELinux: Make the initscript to a restorecon on various files
Make the initscript to a restorecon on various files to make sure they have the
right security context.
Signed-off-by: David Howells <dhowells@redhat.com>
-rwxr-xr-x | cachefilesd.initd | 8 | ||||
-rw-r--r-- | redhat/cachefilesd.spec | 2 |
2 files changed, 9 insertions, 1 deletions
diff --git a/cachefilesd.initd b/cachefilesd.initd index 06c4237..c1856dd 100755 --- a/cachefilesd.initd +++ b/cachefilesd.initd @@ -19,13 +19,14 @@ fi [ "${NETWORKING}" = "no" ] && exit 0 -OPTIONS="" RETVAL=0 +CONFFILE=/etc/cachefilesd.conf LOCKFILE=/var/lock/subsys/cachefilesd PIDFILE=/var/run/cachefilesd.pid MODPROBE=/sbin/modprobe MODPROBE_ARGS="" PROG="cachefilesd" +OPTIONS="-f $CONFFILE" [ ! -x /sbin/$PROG ] && exit 0 @@ -42,6 +43,11 @@ case "$1" in echo -n $"Starting $PROG: " + # Set security contexts + /sbin/restorecon /sbin/cachefilesd + /sbin/restorecon /dev/cachefiles + /sbin/restorecon -R `awk -- '/^dir/ { print $2 }' $CONFFILE` + # Load the cachefiles module if needed [ -x "$MODPROBE" ] && { if ! /sbin/lsmod | grep cachefiles > /dev/null ; then diff --git a/redhat/cachefilesd.spec b/redhat/cachefilesd.spec index 40a9747..e7f89c3 100644 --- a/redhat/cachefilesd.spec +++ b/redhat/cachefilesd.spec @@ -87,6 +87,8 @@ fi - The SELinux policies for cachefilesd now live in the selinux-policy RPM, so the cachefilesd-selinux RPM is now redundant. - Move the default cache dir to /var/cache/fscache. +- Make the initscript do a restorecon when starting the cache to make sure the + labels are correct. * Thu Feb 25 2010 David Howells <dhowells@redhat.com> - Fix the SELinux policies for cachefilesd. |