From 1476f3a1c36090279dbf9a4ceef61893e3972e93 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 12 Oct 2008 11:07:42 +0200 Subject: Adding lh_chroot_selinuxfs helper to support building live images on a selinux enabled host (Closes: #501652). --- helpers/lh_binary | 3 ++ helpers/lh_chroot | 2 + helpers/lh_chroot_selinuxfs | 98 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100755 helpers/lh_chroot_selinuxfs diff --git a/helpers/lh_binary b/helpers/lh_binary index 48087c0..41d111c 100755 --- a/helpers/lh_binary +++ b/helpers/lh_binary @@ -36,6 +36,7 @@ then # Configuring chroot lh_chroot_devpts install ${*} lh_chroot_proc install ${*} + lh_chroot_selinuxfs install ${*} lh_chroot_sysfs install ${*} lh_chroot_hosts install ${*} lh_chroot_resolv install ${*} @@ -68,6 +69,7 @@ if [ "${LH_CHROOT_BUILD}" != "enabled" ] then lh_chroot_devpts install ${*} lh_chroot_proc install ${*} + lh_chroot_selinuxfs install ${*} lh_chroot_sysfs install ${*} fi @@ -87,5 +89,6 @@ then fi lh_chroot_sysfs remove ${*} +lh_chroot_selinuxfs remove ${*} lh_chroot_proc remove ${*} lh_chroot_devpts remove ${*} diff --git a/helpers/lh_chroot b/helpers/lh_chroot index 6bd4e90..81681c3 100755 --- a/helpers/lh_chroot +++ b/helpers/lh_chroot @@ -32,6 +32,7 @@ Set_defaults lh_chroot_cache restore ${*} lh_chroot_devpts install ${*} lh_chroot_proc install ${*} +lh_chroot_selinuxfs install ${*} lh_chroot_sysfs install ${*} lh_chroot_debianchroot install ${*} lh_chroot_dpkg install ${*} @@ -72,6 +73,7 @@ lh_chroot_sysv-rc remove ${*} lh_chroot_dpkg remove ${*} lh_chroot_debianchroot remove ${*} lh_chroot_sysfs remove ${*} +lh_chroot_selinuxfs remove ${*} lh_chroot_proc remove ${*} lh_chroot_devpts remove ${*} lh_chroot_cache save ${*} diff --git a/helpers/lh_chroot_selinuxfs b/helpers/lh_chroot_selinuxfs new file mode 100755 index 0000000..69340c6 --- /dev/null +++ b/helpers/lh_chroot_selinuxfs @@ -0,0 +1,98 @@ +#!/bin/sh + +# lh_chroot_sysfs(1) - mount /selinux +# Copyright (C) 2006-2008 Daniel Baumann +# +# live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING. +# This is free software, and you are welcome to redistribute it +# under certain conditions; see COPYING for details. + +set -e + +# Including common functions +LH_BASE="${LH_BASE:-/usr/share/live-helper}" + +for FUNCTION in "${LH_BASE}"/functions/*.sh +do + . "${FUNCTION}" +done + +# Setting static variables +DESCRIPTION="mount /selinux" +HELP="" +USAGE="${PROGRAM} {install|remove} [--force]" + +Arguments "${@}" + +# Ensure that a system is built as root +lh_testroot + +# Reading configuration files +Read_conffile config/all config/common config/bootstrap config/chroot config/binary config/source +Set_defaults + +# Requiring stage file +Require_stagefile .stage/bootstrap + +case "${1}" in + install) + if [ -e /selinux/enforce ] && [ "$(cat /selinux/enforce)" = "1" ] + then + Echo_message "Begin mounting /selinux..." + + # Checking stage file + Check_stagefile .stage/chroot_selinuxfs + + # Checking lock file + Check_lockfile .lock + + # Creating lock file + Create_lockfile .lock + + if [ "${LH_USE_FAKEROOT}" != "enabled" ] + then + # Create mountpoint + mkdir -p chroot/selinux + + # Mounting /selinux + ${LH_ROOT_COMMAND} mount selinuxfs-live -t selinuxfs chroot/selinux + else + rm -rf chroot/selinux + ln -s /selinux chroot/ + fi + + # Creating stage file + Create_stagefile .stage/chroot_selinuxfs + fi + ;; + + remove) + Echo_message "Begin unmounting /selinux..." + + # Checking lock file + Check_lockfile .lock + + # Creating lock file + Create_lockfile .lock + + if [ "${LH_USE_FAKEROOT}" != "enabled" ] + then + # Unmounting /selinux + #fuser -km chroot/selinux + if [ -e chroot/selinux/enforce ] + then + ${LH_ROOT_COMMAND} umount chroot/selinux + fi + else + rm -rf chroot/selinux + mkdir -p chroot/selinux + fi + + # Removing stage file + rm -f .stage/chroot_selinux + ;; + + *) + Usage + ;; +esac -- cgit v1.0