mirror of
https://git.yoctoproject.org/poky
synced 2026-02-28 04:19:40 +01:00
e1d658ef11
bind mounts don't use the SELinux label of the target, but the SELinux label of the source. This patch restores the SELinux context of the bind mount recursively using restorecon. (From OE-Core rev: 6f3e231dc9bc11772573bf9683de9804460362d1) Signed-off-by: Tobias Kaufmann <Tobias.KA.Kaufmann@bmw.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1.7 KiB
Executable File
1.7 KiB
Executable File
#!/bin/sh
Perform a bind mount, copying existing files as we do so to ensure the
overlaid path has the necessary content.
if [ $# -lt 2 ]; then echo >&2 "Usage: $0 spec mountpoint [OPTIONS]" exit 1 fi
e.g. /var/volatile/lib
spec=$1
e.g. /var/lib
mountpoint=$2
if [ $# -gt 2 ]; then options=$3 else options= fi
[ -n "$options" ] && options=",$options"
mkdir -p "${spec%/*}"
if [ -d "$mountpoint" ]; then
if [ -d "$spec" ]; then
specdir_existed=yes
else
specdir_existed=no
mkdir "$spec"
fi
# Fast version of calculating `dirname ${spec}`/.`basename ${spec}`-work
overlay_workdir="${spec%/*}/.${spec##*/}-work"
mkdir "${overlay_workdir}"
# Try to mount using overlay, which is must faster than copying files.
# If that fails, fall back to slower copy.
if ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir" "$mountpoint" > /dev/null 2>&1; then
if [ "$specdir_existed" != "yes" ]; then
cp -aPR "$mountpoint"/. "$spec/"
fi
mount -o "bind$options" "$spec" "$mountpoint"
# restore the selinux context.
if command -v selinuxenabled > /dev/null 2>&1; then
if selinuxenabled; then
restorecon -R "$mountpoint"
fi
fi
fi
elif [ -f "$mountpoint" ]; then if [ ! -f "$spec" ]; then cp -aP "$mountpoint" "$spec" fi
mount -o "bind$options" "$spec" "$mountpoint"
# restore the selinux context.
if command -v selinuxenabled > /dev/null 2>&1; then
if selinuxenabled; then
restorecon -R "$mountpoint"
fi
fi
fi