# global variables
-SMACK=n
NBD_SERVER=
NBD_PORT=10809
NBD_DEV=/dev/nbd0
log_info "NBD parameters: device $NBD_DEV, server $NBD_SERVER:$NBD_PORT"
-# check if smack is active (and if so, mount smackfs)
-grep -q smackfs /proc/filesystems && {
- SMACK=y
-
- do_mount_fs smackfs /sys/fs/smackfs
-
- # adjust current label and network label
- echo System >/proc/self/attr/current
- echo System >/sys/fs/smackfs/ambient
-}
-
# start nbd client
try=5
while :;do
log_info "Starting NBD client"
if [ -z "${NBD_NAMEV3}" ]; then
- nbd-client $NBD_SERVER $NBD_PORT $NBD_DEV && { log_info "NBD client successfully started"; break; }
+ nbd-client -persist $NBD_SERVER $NBD_PORT $NBD_DEV && { log_info "NBD client successfully started"; break; }
log_info "NBD client failed"
else
nbd3-client $NBD_SERVER $NBD_DEV --name $NBD_NAMEV3 && { log_info "NBD3 client successfully started"; break; }
# also use /proc/net/pnp to generate /etc/resolv.conf
rm -f /etc/resolv.conf
grep -v bootserver /proc/net/pnp | sed 's/^domain/search/g' >/etc/resolv.conf
-chsmack -A /etc/resolv.conf
-# unmount tmp and run to let systemd remount them with correct smack labels (SPEC-2596)
+# Do SELinux relabeling if required, to avoid a reboot that would complicate CI
+if [ -f /.autorelabel ]; then
+ # Nothing SELinux related works w/o the fs mounted
+ do_mount_fs selinuxfs /sys/fs/selinux
+
+ # Labeling requires the policy to be loaded
+ log_info "Loading SELinux policy"
+ /usr/sbin/load_policy
+
+ /usr/bin/selinux-autorelabel.sh
+
+ # Will get remounted by systemd startup, unmount to keep that behavior
+ # more like the non-netboot case.
+ umount /sys/fs/selinux
+fi
+
+# unmount tmp and run to let systemd remount them
log_info "Unmounting /tmp and /run"
umount /tmp
umount /run