[oe] [PATCH][meta-networking] iscsi-initiator-utils: fix SELinux label for initiatorname.iscsi
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Wed Feb 4 09:33:32 UTC 2015
From: Wenzong Fan <wenzong.fan at windriver.com>
* /etc/iscsi/initiatorname.iscsi: etc_runtime_t -> etc_t
This config file was created by postinstall or initscript, fix SELinux
label for it to remove:
avc: denied { read } for pid=6094 comm="iscsid" \
name="initiatorname.iscsi" dev="sda3" ino=1057846 \
scontext=system_u:system_r:iscsid_t:s0-s15:c0.c1023 \
tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
.../recipes-daemons/iscsi-initiator-utils/files/initd.debian | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
index 99a7638..43fb348 100644
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
@@ -39,6 +39,10 @@ start() {
InitiatorName=$INITIATORNAME
EOF
fi
+
+ # Fix label for /etc/iscsi/initiatorname.iscsi if SELinux was enabled
+ test ! -x /sbin/restorecon || /sbin/restorecon -F /etc/iscsi/initiatorname.iscsi
+
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
RETVAL=$?
starttargets
--
1.9.1
More information about the Openembedded-devel
mailing list