From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 3 Sep 2025 21:17:22 +0000 (+0900)
Subject: test: add comment about custom autorelabel.service
X-Git-Tag: v258-rc4~14^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b419e927ee1cfffb5591e2e796b3b41d15fd7509;p=thirdparty%2Fsystemd.git

test: add comment about custom autorelabel.service

Salvaged from ead814a0b0f64c572282b9e27a0a995893f10cf0.
---

diff --git a/test/units/autorelabel.service b/test/units/autorelabel.service
index 5f8386ee852..f0f4db397d0 100644
--- a/test/units/autorelabel.service
+++ b/test/units/autorelabel.service
@@ -1,4 +1,15 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
+
+# We use a custom autorelabel service instead of the SELinux provided set of
+# units & a generator, since the generator overrides the default target to the
+# SELinux one when it detects /.autorelabel. However, we use systemd.unit= on
+# the kernel command cmdline which always takes precedence, rendering all
+# SELinux efforts useless. Also, pulling in selinux-autorelabel.service
+# explicitly doesn't work either, as it doesn't check for the presence of
+# /.autorelabel and does the relabeling unconditionally which always ends with
+# a reboot, so we end up in a reboot loop (and it also spews quite a lot of
+# errors as it wants /etc/fstab and dracut-initramfs-restore).
+
 [Unit]
 Description=Relabel all filesystems
 DefaultDependencies=no