Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build: adjustments for mer packaging
- don't build gui, Xorg sandbox and python2 tools - systemd unit dir adjustments
- Loading branch information
1 parent
67d0328
commit 9db44b1
Showing
7 changed files
with
153 additions
and
213 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
#!/bin/bash | ||
# | ||
# Do automatic relabelling | ||
# | ||
|
||
# . /etc/init.d/functions | ||
|
||
relabel_selinux() { | ||
# if /sbin/init is not labeled correctly this process is running in the | ||
# wrong context, so a reboot will be required after relabel | ||
AUTORELABEL= | ||
. /etc/selinux/config | ||
echo "0" > /sys/fs/selinux/enforce | ||
[ -x /bin/plymouth ] && plymouth --hide-splash | ||
|
||
if [ "$AUTORELABEL" = "0" ]; then | ||
echo | ||
echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. " | ||
echo $"*** /etc/selinux/config indicates you want to manually fix labeling" | ||
echo $"*** problems. Dropping you to a shell; the system will reboot" | ||
echo $"*** when you leave the shell." | ||
sulogin | ||
|
||
else | ||
echo | ||
echo $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required." | ||
echo $"*** Relabeling could take a very long time, depending on file" | ||
echo $"*** system size and speed of hard drives." | ||
|
||
FORCE=`cat /.autorelabel` | ||
[ -x "/usr/sbin/quotaoff" ] && /usr/sbin/quotaoff -aug | ||
/sbin/fixfiles $FORCE restore | ||
fi | ||
rm -f /.autorelabel | ||
/usr/lib/dracut/dracut-initramfs-restore | ||
systemctl --force reboot | ||
} | ||
|
||
# Check to see if a full relabel is needed | ||
if [ "$READONLY" != "yes" ]; then | ||
restorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1 | ||
relabel_selinux | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
#!/bin/sh | ||
|
||
# This systemd.generator(7) detects if SELinux is running and if the | ||
# user requested an autorelabel, and if so sets the default target to | ||
# selinux-autorelabel.target, which will cause the filesystem to be | ||
# relabelled and then the system will reboot again and boot into the | ||
# real default target. | ||
|
||
PATH=/usr/sbin:$PATH | ||
unitdir=/usr/lib/systemd/system | ||
|
||
# If invoked with no arguments (for testing) write to /tmp. | ||
earlydir="/tmp" | ||
if [ -n "$2" ]; then | ||
earlydir="$2" | ||
fi | ||
|
||
set_target () | ||
{ | ||
ln -sf "$unitdir/selinux-autorelabel.target" "$earlydir/default.target" | ||
} | ||
|
||
if selinuxenabled; then | ||
if test -f /.autorelabel; then | ||
set_target | ||
elif grep -sqE "\bautorelabel\b" /proc/cmdline; then | ||
set_target | ||
fi | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
[Unit] | ||
Description=Mark the need to relabel after reboot | ||
DefaultDependencies=no | ||
Requires=local-fs.target | ||
Conflicts=shutdown.target | ||
After=local-fs.target | ||
Before=sysinit.target shutdown.target | ||
ConditionSecurity=!selinux | ||
ConditionPathIsDirectory=/etc/selinux | ||
ConditionPathExists=!/.autorelabel | ||
|
||
[Service] | ||
ExecStart=-/bin/touch /.autorelabel | ||
Type=oneshot | ||
RemainAfterExit=yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
[Unit] | ||
Description=Relabel all filesystems | ||
DefaultDependencies=no | ||
Conflicts=shutdown.target | ||
After=sysinit.target | ||
Before=shutdown.target | ||
ConditionSecurity=selinux | ||
|
||
[Service] | ||
ExecStart=/usr/libexec/selinux/selinux-autorelabel | ||
Type=oneshot | ||
TimeoutSec=0 | ||
RemainAfterExit=yes | ||
StandardInput=tty |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
[Unit] | ||
Description=Relabel all filesystems and reboot | ||
DefaultDependencies=no | ||
Requires=sysinit.target selinux-autorelabel.service | ||
Conflicts=shutdown.target | ||
After=sysinit.target selinux-autorelabel.service | ||
ConditionSecurity=selinux |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
diff --git a/restorecond/Makefile b/restorecond/Makefile | ||
index ada94ae..0de21fd 100644 | ||
--- a/restorecond/Makefile | ||
+++ b/restorecond/Makefile | ||
@@ -7,7 +7,7 @@ LIBDIR ?= $(PREFIX)/lib | ||
MANDIR = $(PREFIX)/share/man | ||
AUTOSTARTDIR = $(DESTDIR)/etc/xdg/autostart | ||
DBUSSERVICEDIR = $(DESTDIR)/usr/share/dbus-1/services | ||
-SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd | ||
+SYSTEMDDIR ?= $(DESTDIR)/lib/systemd | ||
|
||
autostart_DATA = sealertauto.desktop | ||
INITDIR ?= $(DESTDIR)/etc/rc.d/init.d |