diff options
| -rw-r--r-- | src/selinux-setup.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/selinux-setup.c b/src/selinux-setup.c index f400f416da..620c49e686 100644 --- a/src/selinux-setup.c +++ b/src/selinux-setup.c @@ -38,11 +38,18 @@ int selinux_setup(char *const argv[]) { #ifdef HAVE_SELINUX int enforce = 0; usec_t n; + security_context_t con; /* Already initialized? */ - if (path_is_mount_point("/sys/fs/selinux") > 0 || - path_is_mount_point("/selinux") > 0) - return 0; + if (getcon_raw(&con) == 0) { + bool initialized; + + initialized = !streq(con, "kernel"); + freecon(con); + + if (initialized) + return 0; + } /* Before we load the policy we create a flag file to ensure * that after the reexec we iterate through /run and /dev to |