Michal Schmidt 706a2f
From ef9d7dca5463e64510e174d55a869b4d5a3c4e84 Mon Sep 17 00:00:00 2001
Michal Schmidt 706a2f
From: Michal Schmidt <mschmidt@redhat.com>
Michal Schmidt 706a2f
Date: Tue, 7 Jun 2011 00:48:16 +0200
Michal Schmidt 62bfbd
Subject: [PATCH 4/6] selinux: selinuxfs can be mounted on /sys/fs/selinux
Michal Schmidt 706a2f
Michal Schmidt 706a2f
The kernel now provides the /sys/fs/selinux mountpoint and libselinux
Michal Schmidt 706a2f
prefers it if it's available.
Michal Schmidt 706a2f
Michal Schmidt 706a2f
systemd currently tests only for /selinux and this leads to an infinite
Michal Schmidt 706a2f
loop of policy reloads in the latest Rawhide.
Michal Schmidt 706a2f
Michal Schmidt 706a2f
Fix it by checking both possible mountpoints.
Michal Schmidt 706a2f
Also add the new path to ignore_paths[].
Michal Schmidt 706a2f
Michal Schmidt 706a2f
/selinux appears also in nspawn.c. I don't think it's necessary to
Michal Schmidt 706a2f
change it there at this point.
Michal Schmidt 706a2f
Michal Schmidt 706a2f
https://bugzilla.redhat.com/show_bug.cgi?id=711015
Michal Schmidt 706a2f
---
Michal Schmidt 706a2f
 src/mount-setup.c   |    1 +
Michal Schmidt 706a2f
 src/selinux-setup.c |    3 ++-
Michal Schmidt 706a2f
 2 files changed, 3 insertions(+), 1 deletions(-)
Michal Schmidt 706a2f
Michal Schmidt 706a2f
diff --git a/src/mount-setup.c b/src/mount-setup.c
Michal Schmidt 706a2f
index 48c32ea..6feee6a 100644
Michal Schmidt 706a2f
--- a/src/mount-setup.c
Michal Schmidt 706a2f
+++ b/src/mount-setup.c
Michal Schmidt 706a2f
@@ -63,6 +63,7 @@ static const MountPoint mount_table[] = {
Michal Schmidt 706a2f
  * we just list them here so that we know that we should ignore them */
Michal Schmidt 706a2f
 
Michal Schmidt 706a2f
 static const char * const ignore_paths[] = {
Michal Schmidt 706a2f
+        "/sys/fs/selinux",
Michal Schmidt 706a2f
         "/selinux",
Michal Schmidt 706a2f
         "/proc/bus/usb"
Michal Schmidt 706a2f
 };
Michal Schmidt 706a2f
diff --git a/src/selinux-setup.c b/src/selinux-setup.c
Michal Schmidt 706a2f
index c32c7ad..9ff27dc 100644
Michal Schmidt 706a2f
--- a/src/selinux-setup.c
Michal Schmidt 706a2f
+++ b/src/selinux-setup.c
Michal Schmidt 706a2f
@@ -39,7 +39,8 @@ int selinux_setup(char *const argv[]) {
Michal Schmidt 706a2f
        int enforce = 0;
Michal Schmidt 706a2f
 
Michal Schmidt 706a2f
        /* Already initialized? */
Michal Schmidt 706a2f
-       if (path_is_mount_point("/selinux") > 0)
Michal Schmidt 706a2f
+       if (path_is_mount_point("/sys/fs/selinux") > 0 ||
Michal Schmidt 706a2f
+           path_is_mount_point("/selinux") > 0)
Michal Schmidt 706a2f
                return 0;
Michal Schmidt 706a2f
 
Michal Schmidt 706a2f
        /* Before we load the policy we create a flag file to ensure
Michal Schmidt 706a2f
-- 
Michal Schmidt 706a2f
1.7.4.4
Michal Schmidt 706a2f