selinux: relabel /run the same way as /dev after loading the policy since they both come pre-filled and unlabelled

author: Lennart Poettering <lennart@poettering.net> 2011-04-04 16:56:51 +0200
committer: Lennart Poettering <lennart@poettering.net> 2011-04-04 16:58:23 +0200
commit: 3bbecb2f2cd758e2513993efad01180c7c3c665f (patch)
tree: 06f076c37810747023d7f878b4efe2b8dc84445a /src/selinux-setup.c
parent: 9d8677dad260d7dc20146f8affe3d376daff7c19 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/src/selinux-setup.c b/src/selinux-setup.c
index e21ff6bb9f..c32c7ad8db 100644
--- a/src/selinux-setup.c
+++ b/src/selinux-setup.c
@@ -43,9 +43,9 @@ int selinux_setup(char *const argv[]) {
                return 0;
 
        /* Before we load the policy we create a flag file to ensure
-        * that after the reexec we iterate through /dev to relabel
-        * things. */
-       touch("/dev/.systemd-relabel-devtmpfs");
+        * that after the reexec we iterate through /run and /dev to
+        * relabel things. */
+       touch("/dev/.systemd-relabel-run-dev");
 
        if (selinux_init_load_policy(&enforce) == 0) {
                log_debug("Successfully loaded SELinux policy, reexecuting.");
@@ -60,7 +60,7 @@ int selinux_setup(char *const argv[]) {
        } else {
                log_full(enforce > 0 ? LOG_ERR : LOG_WARNING, "Failed to load SELinux policy.");
 
-               unlink("/dev/.systemd-relabel-devtmpfs");
+               unlink("/dev/.systemd-relabel-run-dev");
 
                if (enforce > 0)
                        return -EIO;
author	Lennart Poettering <lennart@poettering.net>	2011-04-04 16:56:51 +0200
committer	Lennart Poettering <lennart@poettering.net>	2011-04-04 16:58:23 +0200
commit	3bbecb2f2cd758e2513993efad01180c7c3c665f (patch)
tree	06f076c37810747023d7f878b4efe2b8dc84445a /src/selinux-setup.c
parent	9d8677dad260d7dc20146f8affe3d376daff7c19 (diff)