mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-05 16:28:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

mount-copybind: add SELinux support

Browse Source 
bind mounts don't use the SELinux label of the target, but the SELinux
label of the source.

This patch restores the SELinux context of the bind mount recursively using
restorecon.

(From OE-Core rev: 6f3e231dc9bc11772573bf9683de9804460362d1)

Signed-off-by: Tobias Kaufmann <Tobias.KA.Kaufmann@bmw.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Tobias Kaufmann
2021-09-09 10:05:04 +02:00
committed by Richard Purdie
parent 6c0a5594cc
commit e1d658ef11
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
meta/recipes-core/volatile-binds/files/mount-copybind
View File

@@ -46,6 +46,12 @@ if [ -d "$mountpoint" ]; then
fi
mount -o "bind$options" "$spec" "$mountpoint"
# restore the selinux context.
if command -v selinuxenabled > /dev/null 2>&1; then
if selinuxenabled; then
restorecon -R "$mountpoint"
fi
fi
fi
elif [ -f "$mountpoint" ]; then
if [ ! -f "$spec" ]; then
@@ -53,4 +59,10 @@ elif [ -f "$mountpoint" ]; then
fi
mount -o "bind$options" "$spec" "$mountpoint"
# restore the selinux context.
if command -v selinuxenabled > /dev/null 2>&1; then
if selinuxenabled; then
restorecon -R "$mountpoint"
fi
fi
fi