core/execute: don't reload selinux before spawning executor

author Mike Yuan <me@yhndnzj.com>

Fri, 12 Jan 2024 07:13:29 +0000 (15:13 +0800)

committer Mike Yuan <me@yhndnzj.com>

Fri, 12 Jan 2024 09:17:37 +0000 (17:17 +0800)
author Mike Yuan <me@yhndnzj.com>
Fri, 12 Jan 2024 07:13:29 +0000 (15:13 +0800)
committer Mike Yuan <me@yhndnzj.com>
Fri, 12 Jan 2024 09:17:37 +0000 (17:17 +0800)
diff --git a/src/core/execute.c b/src/core/execute.c

index e71763763c47d78ea8d5ec75f80a39836483b29f..5c10aabc7ef3c0731f06f9aaf0ac4ea359a06cd2 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -382,10 +382,6 @@ int exec_spawn(Unit *unit,
          if (r < 0)
                  return log_unit_error_errno(unit, r, "Failed to load environment files: %m");
  
-        /* Fork with up-to-date SELinux label database, so the child inherits the up-to-date db
-           and, until the next SELinux policy changes, we save further reloads in future children. */
-        mac_selinux_maybe_reload();
-
          /* We won't know the real executable path until we create the mount namespace in the child, but we
             want to log from the parent, so we use the possibly inaccurate path here. */
          log_command_line(unit, "About to execute", command->path, command->argv);
author	Mike Yuan <me@yhndnzj.com>
	Fri, 12 Jan 2024 07:13:29 +0000 (15:13 +0800)
committer	Mike Yuan <me@yhndnzj.com>
	Fri, 12 Jan 2024 09:17:37 +0000 (17:17 +0800)