initscripts: restore security contexts after running populate-volatile.sh

Some directories are created by populate-volatile.sh. We need to restore their security contexts. Before the patch: $ ls -dZ /tmp /var/tmp /var/lock /var/run system_u:object_r:root_t /tmp system_u:object_r:var_t /var/lock system_u:object_r:var_t /var/run system_u:object_r:var_t /var/tmp After the patch: $ ls -dZ /tmp /var/tmp /var/lock /var/run system_u:object_r:tmp_t /tmp system_u:object_r:var_lock_t /var/lock system_u:object_r:var_run_t /var/run system_u:object_r:tmp_t /var/tmp Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2021-03-02 16:52:05 +0800
committer: Joe MacDonald <joe@deserted.net> 2021-03-03 13:55:58 -0500
commit: f156bc995b45e8242b8d5e851f988ecdb5505261 (patch)
tree: 3e0ee82be9f368167134e78369e7eb64b34b0050
parent: fe5a41ec9b5557493a8edb8f411f05f50ac7e1a6 (diff)
download: meta-selinux-f156bc995b45e8242b8d5e851f988ecdb5505261.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/recipes-core/initscripts/initscripts-1.0_selinux.inc b/recipes-core/initscripts/initscripts-1.0_selinux.inc
index 6e8a9b6..bf798e7 100644
--- a/recipes-core/initscripts/initscripts-1.0_selinux.inc
+++ b/recipes-core/initscripts/initscripts-1.0_selinux.inc
@@ -4,7 +4,7 @@ do_install_append () {
        cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh
 touch /var/log/lastlog
 test ! -x /sbin/restorecon || /sbin/restorecon -iRF /var/volatile/ /var/lib /run \
-    /etc/resolv.conf /etc/adjtime
+    /etc/resolv.conf /etc/adjtime /tmp /var/tmp /var/log /var/lock /var/run
 EOF
        sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon || /sbin/restorecon -iRF /run' \
            ${D}${sysconfdir}/init.d/checkroot.sh
author	Yi Zhao <yi.zhao@windriver.com>	2021-03-02 16:52:05 +0800
committer	Joe MacDonald <joe@deserted.net>	2021-03-03 13:55:58 -0500
commit	f156bc995b45e8242b8d5e851f988ecdb5505261 (patch)
tree	3e0ee82be9f368167134e78369e7eb64b34b0050
parent	fe5a41ec9b5557493a8edb8f411f05f50ac7e1a6 (diff)
download	meta-selinux-f156bc995b45e8242b8d5e851f988ecdb5505261.tar.gz

diff --git a/recipes-core/initscripts/initscripts-1.0_selinux.inc b/recipes-core/initscripts/initscripts-1.0_selinux.inc index 6e8a9b6..bf798e7 100644 --- a/recipes-core/initscripts/initscripts-1.0_selinux.inc +++ b/recipes-core/initscripts/initscripts-1.0_selinux.inc
@@ -4,7 +4,7 @@ do_install_append () {
4	cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh	4	cat <<-EOF >> ${D}${sysconfdir}/init.d/populate-volatile.sh
5	touch /var/log/lastlog	5	touch /var/log/lastlog
6	test ! -x /sbin/restorecon \|\| /sbin/restorecon -iRF /var/volatile/ /var/lib /run \	6	test ! -x /sbin/restorecon \|\| /sbin/restorecon -iRF /var/volatile/ /var/lib /run \
7	/etc/resolv.conf /etc/adjtime	7	/etc/resolv.conf /etc/adjtime /tmp /var/tmp /var/log /var/lock /var/run
8	EOF	8	EOF
9	sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon \|\| /sbin/restorecon -iRF /run' \	9	sed -i '/mount -n -o remount,$rootmode/i\test ! -x /sbin/restorecon \|\| /sbin/restorecon -iRF /run' \
10	${D}${sysconfdir}/init.d/checkroot.sh	10	${D}${sysconfdir}/init.d/checkroot.sh