X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=meta-netboot%2Frecipes-core%2Finitramfs-netboot%2Ffiles%2Finit.sh;h=87a1acb80834b7af75ede872ba90053e9be02cd5;hb=c05762b781b5fb7b4f6139ea1a6d5a9b9d72de7a;hp=50d62472a9394bb0cebe5174b415d33a7c2c8538;hpb=fa0bdff0768b087f499db748e08dad7d21cfd8d5;p=AGL%2Fmeta-agl.git diff --git a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh index 50d62472a..87a1acb80 100644 --- a/meta-netboot/recipes-core/initramfs-netboot/files/init.sh +++ b/meta-netboot/recipes-core/initramfs-netboot/files/init.sh @@ -21,7 +21,6 @@ EOF # global variables -SMACK=n NBD_SERVER= NBD_PORT=10809 NBD_DEV=/dev/nbd0 @@ -109,23 +108,12 @@ check_debug "Debug point 1. Exit to continue initrd script (mount NBD device)." log_info "NBD parameters: device $NBD_DEV, server $NBD_SERVER:$NBD_PORT" -# check if smack is active (and if so, mount smackfs) -grep -q smackfs /proc/filesystems && { - SMACK=y - - do_mount_fs smackfs /sys/fs/smackfs - - # adjust current label and network label - echo System >/proc/self/attr/current - echo System >/sys/fs/smackfs/ambient -} - # start nbd client try=5 while :;do log_info "Starting NBD client" if [ -z "${NBD_NAMEV3}" ]; then - nbd-client $NBD_SERVER $NBD_PORT $NBD_DEV && { log_info "NBD client successfully started"; break; } + nbd-client -persist $NBD_SERVER $NBD_PORT $NBD_DEV && { log_info "NBD client successfully started"; break; } log_info "NBD client failed" else nbd3-client $NBD_SERVER $NBD_DEV --name $NBD_NAMEV3 && { log_info "NBD3 client successfully started"; break; } @@ -165,9 +153,24 @@ fi # also use /proc/net/pnp to generate /etc/resolv.conf rm -f /etc/resolv.conf grep -v bootserver /proc/net/pnp | sed 's/^domain/search/g' >/etc/resolv.conf -chsmack -A /etc/resolv.conf -# unmount tmp and run to let systemd remount them with correct smack labels (SPEC-2596) +# Do SELinux relabeling if required, to avoid a reboot that would complicate CI +if [ -f /.autorelabel ]; then + # Nothing SELinux related works w/o the fs mounted + do_mount_fs selinuxfs /sys/fs/selinux + + # Labeling requires the policy to be loaded + log_info "Loading SELinux policy" + /usr/sbin/load_policy + + /usr/bin/selinux-autorelabel.sh + + # Will get remounted by systemd startup, unmount to keep that behavior + # more like the non-netboot case. + umount /sys/fs/selinux +fi + +# unmount tmp and run to let systemd remount them log_info "Unmounting /tmp and /run" umount /tmp umount /run