selinux: selinuxfs can be mounted on /sys/fs/selinux

The kernel now provides the /sys/fs/selinux mountpoint and libselinux prefers it if it's available. systemd currently tests only for /selinux and this leads to an infinite loop of policy reloads in the latest Rawhide. Fix it by checking both possible mountpoints. Also add the new path to ignore_paths[]. /selinux appears also in nspawn.c. I don't think it's necessary to change it there at this point. https://bugzilla.redhat.com/show_bug.cgi?id=711015
author: Michal Schmidt <mschmidt@redhat.com> 2011-06-07 00:48:16 +0200
committer: Kay Sievers <kay.sievers@vrfy.org> 2011-06-07 00:53:39 +0200
commit: ef9d7dca5463e64510e174d55a869b4d5a3c4e84 (patch)
tree: e25de95c51daa6dcf4d9d8793eb434cb1f4d7c87 /src/selinux-setup.c
parent: aae5220d961a419a1e160de90ee5c393c7c13607 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/selinux-setup.c b/src/selinux-setup.c
index c32c7ad8db..9ff27dcd77 100644
--- a/src/selinux-setup.c
+++ b/src/selinux-setup.c
@@ -39,7 +39,8 @@ int selinux_setup(char *const argv[]) {
        int enforce = 0;
 
        /* Already initialized? */
-       if (path_is_mount_point("/selinux") > 0)
+       if (path_is_mount_point("/sys/fs/selinux") > 0 ||
+           path_is_mount_point("/selinux") > 0)
                return 0;
 
        /* Before we load the policy we create a flag file to ensure
author	Michal Schmidt <mschmidt@redhat.com>	2011-06-07 00:48:16 +0200
committer	Kay Sievers <kay.sievers@vrfy.org>	2011-06-07 00:53:39 +0200
commit	ef9d7dca5463e64510e174d55a869b4d5a3c4e84 (patch)
tree	e25de95c51daa6dcf4d9d8793eb434cb1f4d7c87 /src/selinux-setup.c
parent	aae5220d961a419a1e160de90ee5c393c7c13607 (diff)