summaryrefslogtreecommitdiff
path: root/units
diff options
context:
space:
mode:
authorColin Walters <walters@verbum.org>2014-02-21 03:29:00 +0100
committerLennart Poettering <lennart@poettering.net>2014-02-21 03:30:18 +0100
commit37f78db2f4a33474fc349f406b0a0a48e9c573a2 (patch)
tree9dccace64bf1c211d0dac096baa2675936d3d3d8 /units
parentfdc8509fb61965698b7a54e3d0ac094650f21cad (diff)
selinux: Don't attempt to load policy in initramfs if it doesn't exist
Currently on at least Fedora, SELinux policy does not come in the initramfs. systemd will attempt to load *both* in the initramfs and in the real root. Now, the selinux_init_load_policy() API has a regular error return value, as well as an "enforcing" boolean. To determine enforcing state, it looks for /etc/selinux/config as well as the presence of "enforcing=" on the kernel command line. Ordinarily, neither of those exist in the initramfs, so it will return "unknown" for enforcing, and systemd will simply ignore the failure to load policy.
Diffstat (limited to 'units')
0 files changed, 0 insertions, 0 deletions