summaryrefslogtreecommitdiff
path: root/src/selinux-setup.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2011-04-04 16:56:51 +0200
committerLennart Poettering <lennart@poettering.net>2011-04-04 16:58:23 +0200
commit3bbecb2f2cd758e2513993efad01180c7c3c665f (patch)
tree06f076c37810747023d7f878b4efe2b8dc84445a /src/selinux-setup.c
parent9d8677dad260d7dc20146f8affe3d376daff7c19 (diff)
selinux: relabel /run the same way as /dev after loading the policy since they both come pre-filled and unlabelled
Diffstat (limited to 'src/selinux-setup.c')
-rw-r--r--src/selinux-setup.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/selinux-setup.c b/src/selinux-setup.c
index e21ff6bb9f..c32c7ad8db 100644
--- a/src/selinux-setup.c
+++ b/src/selinux-setup.c
@@ -43,9 +43,9 @@ int selinux_setup(char *const argv[]) {
return 0;
/* Before we load the policy we create a flag file to ensure
- * that after the reexec we iterate through /dev to relabel
- * things. */
- touch("/dev/.systemd-relabel-devtmpfs");
+ * that after the reexec we iterate through /run and /dev to
+ * relabel things. */
+ touch("/dev/.systemd-relabel-run-dev");
if (selinux_init_load_policy(&enforce) == 0) {
log_debug("Successfully loaded SELinux policy, reexecuting.");
@@ -60,7 +60,7 @@ int selinux_setup(char *const argv[]) {
} else {
log_full(enforce > 0 ? LOG_ERR : LOG_WARNING, "Failed to load SELinux policy.");
- unlink("/dev/.systemd-relabel-devtmpfs");
+ unlink("/dev/.systemd-relabel-run-dev");
if (enforce > 0)
return -EIO;