From: Harald Hoyer <harald@redhat.com>
Date: Tue, 8 Sep 2009 14:26:37 +0000 (+0200)
Subject: selinux-loadpolicy.sh: mount /proc and /selinux before loading the
X-Git-Tag: 002~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f5c4374d2c6f17c9c45feb53398537e30ceab6d2;p=thirdparty%2Fdracut.git

selinux-loadpolicy.sh: mount /proc and /selinux before loading the
policies

also check for /sbin/load_policy
---

diff --git a/modules.d/99base/selinux-loadpolicy.sh b/modules.d/99base/selinux-loadpolicy.sh
index 13e013426..0dd296b07 100755
--- a/modules.d/99base/selinux-loadpolicy.sh
+++ b/modules.d/99base/selinux-loadpolicy.sh
@@ -1,13 +1,24 @@
 #!/bin/sh
 # FIXME: load selinux policy.  this should really be done after we switchroot 
-if [ -x "$NEWROOT/usr/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then
+
+if [ -x "$NEWROOT/usr/sbin/load_policy" -o -x "$NEWROOT/sbin/load_policy" ] && [ -e "$NEWROOT/etc/sysconfig/selinux" ]; then
+    info "Loading SELinux policy"
     {
-    chroot $NEWROOT /usr/sbin/load_policy -i 2>&1 
+    chroot "$NEWROOT" /bin/mount -t selinuxfs selinuxfs /selinux
+    chroot "$NEWROOT" /bin/mount -t proc proc  /proc
+
+    if [ -x "$NEWROOT/sbin/load_policy" ]; then
+        chroot "$NEWROOT" /sbin/load_policy -i 2>&1
+    else
+        chroot "$NEWROOT" /usr/sbin/load_policy -i 2>&1
+    fi
+
     if [ $? -eq 3 ]; then
 	warn "Initial SELinux policy load failed and enforcing mode requested."
 	warn "Not continuing"
 	sleep 100d
 	exit 1
     fi
+    chroot "$NEWROOT" /bin/umount /proc
     } | vinfo
 fi