/usr/share/initramfs-tools/scripts/init-bottom/_load_selinux_policy is in selinux 1:0.11.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | #! /bin/sh
set -e
PREREQ="framebuffer console_setup"
prereqs () {
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
# Mount the selinux directory in both the ramdisk's root as well as in
# the real root directory.
mkdir -p /selinux
mkdir -p ${rootmnt}/selinux
# Temporarily pivot to the real root directory, loading the policy
# from that disk. Normally this process will occur by init, but kinit
# is not compiled against libselinux. Therefore use load_policy to
# perform the same initialization.
set +e
chroot ${rootmnt} /sbin/load_policy -i
RET=$?
if [ $RET -eq 3 ]; then
panic "SELinux policy load failed and enforcing mode requested, halting now"
kill -INT 1
elif [ $RET -ne 0 ]; then
log_warning_msg "SELinux policy load failed, continuing"
else
log_success_msg "SELinux policy was loaded"
fi
mount -t selinuxfs none /selinux || \
log_warning_msg "Unable to mount /selinux"
exit 0
|