Do not "cp" the selinux context

replace "cp -a" with $DRACUT_CP, so in case the selinux policy disallows
root to set the selinux context in /var/tmp, dracut does not fail.

diff --git a/dracut-init.sh b/dracut-init.sh
index 7f628ce964e81750fbdbeb0f7823493ff6a7426e..e8100a459cc6846ee6e4059df01b2ba4d10f62ed 100644 (file)
--- a/dracut-init.sh
+++ b/dracut-init.sh
@@ -19,6 +19,8 @@
 #
 export LC_MESSAGES=C
 
+export DRACUT_CP="cp --reflink=auto --sparse=auto --preserve=mode,timestamps,xattr,links -dfr"
+
 # is_func <command>
 # Check whether $1 is a function.
 is_func() {

diff --git a/dracut.sh b/dracut.sh
index 44d5bcb56c268118733f514c88786d5212092781..02b32645b21e5dfc9a15b4df42af51dce6df45c3 100755 (executable)
--- a/dracut.sh
+++ b/dracut.sh
@@ -1557,9 +1557,9 @@ for ((i=0; i < ${#include_src[@]}; i++)); do
                         mkdir -m 0755 -p "$object_destdir"
                         chmod --reference="$objectname" "$object_destdir"
                     fi
-                    cp --reflink=auto --sparse=auto -fa -t "$object_destdir" "$objectname"/*
+                    $DRACUT_CP -t "$object_destdir" "$objectname"/*
                 else
-                    cp --reflink=auto --sparse=auto -fa -t "$destdir" "$objectname"
+                    $DRACUT_CP -t "$destdir" "$objectname"
                 fi
             done
         fi
@@ -1671,7 +1671,7 @@ if [[ $acpi_override = yes ]] && [[ -d $acpi_table_dir ]]; then
     mkdir -p $_dest_dir
     for table in $acpi_table_dir/*.aml; do
         dinfo "   Adding ACPI table: $table"
-        cp -a $table $_dest_dir
+        $DRACUT_CP $table $_dest_dir
         create_early_cpio="yes"
     done
 fi

diff --git a/modules.d/10i18n/module-setup.sh b/modules.d/10i18n/module-setup.sh
index 9618aa7752d0835e6f3af5d1de34732ea7d80f0a..595b2dc31a34e8149bf96a47a8566da695ba3bb1 100755 (executable)
--- a/modules.d/10i18n/module-setup.sh
+++ b/modules.d/10i18n/module-setup.sh
@@ -114,7 +114,7 @@ install() {
 
         for _src in $(eval echo ${kbddir}/{${KBDSUBDIRS}}); do
             inst_dir "$_src"
-            cp --reflink=auto --sparse=auto -prfL -t "${initdir}/${_src}" "$_src"/*
+            $DRACUT_CP -L -t "${initdir}/${_src}" "$_src"/*
         done
 
         # remove unnecessary files

diff --git a/modules.d/95iscsi/iscsiroot.sh b/modules.d/95iscsi/iscsiroot.sh
index 38cbc5e4c5db4c0e2eb22fb5eda8415b1f32688a..379cc29647e48063aa57f9919c1bebf8f32570a9 100755 (executable)
--- a/modules.d/95iscsi/iscsiroot.sh
+++ b/modules.d/95iscsi/iscsiroot.sh
@@ -190,6 +190,7 @@ handle_netroot()
             if [ "$status" != "activating" ] && ! systemctl is-failed "$netroot_enc" >/dev/null 2>&1; then
                 systemd-run --no-block --service-type=oneshot --remain-after-exit --quiet \
                             --description="Login iSCSI Target $iscsi_target_name" \
+                            -p 'DefaultDependencies=no' \
                             --unit="$netroot_enc" -- \
                             $(command -v iscsistart) \
                             -i "$iscsi_initiator" -t "$iscsi_target_name"        \

diff --git a/modules.d/95terminfo/module-setup.sh b/modules.d/95terminfo/module-setup.sh
index ebe7a1669bb4fa7a14b0fd7bcd10032bcbe02c9a..1b572fab7808457d9d097c357ea0be73317b9420 100755 (executable)
--- a/modules.d/95terminfo/module-setup.sh
+++ b/modules.d/95terminfo/module-setup.sh
@@ -11,7 +11,7 @@ install() {
     if [ -d ${_terminfodir} ]; then
         for i in "l/linux" "v/vt100" "v/vt102" "v/vt220"; do
             inst_dir "$_terminfodir/${i%/*}"
-            cp --reflink=auto --sparse=auto -prfL -t "${initdir}/${_terminfodir}/${i%/*}" "$_terminfodir/$i"
+            $DRACUT_CP -L -t "${initdir}/${_terminfodir}/${i%/*}" "$_terminfodir/$i"
         done
     fi
 }