diff options
-rw-r--r-- | src/core/selinux-setup.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c index 7a32ed59a0..9a5d6b2a9d 100644 --- a/src/core/selinux-setup.c +++ b/src/core/selinux-setup.c @@ -58,6 +58,13 @@ int selinux_setup(bool *loaded_policy) { cb.func_log = null_log; selinux_set_callback(SELINUX_CB_LOG, cb); + /* Don't load policy in the initrd if we don't appear to have + * it. For the real root, we check below if we've already + * loaded policy, and return gracefully. + */ + if (in_initrd() && access(selinux_path(), F_OK) < 0) + return 0; + /* Already initialized by somebody else? */ r = getcon_raw(&con); if (r == 0) { |