Skip to content

Commit

Permalink
Merge pull request #3266 from ericcurtin/if-file-missing-on-relabel-c…
Browse files Browse the repository at this point in the history
…ontinue

remount: ignore ENOENT error during SELinux relabeling
  • Loading branch information
cgwalters authored Jun 18, 2024
2 parents 8f559e9 + e25ca80 commit f280b12
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/boot/ostree-remount.service
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ After=-.mount var.mount
After=systemd-remount-fs.service
# But we run *before* most other core bootup services that need write access to /etc and /var
Before=local-fs.target umount.target
Before=systemd-random-seed.service plymouth-read-write.service systemd-journal-flush.service
Before=systemd-random-seed.service plymouth-read-write.service systemd-journal-flush.service systemd-sysusers.service
Before=systemd-tmpfiles-setup.service systemd-rfkill.service systemd-rfkill.socket

[Service]
Expand Down
12 changes: 11 additions & 1 deletion src/switchroot/ostree-remount.c
Original file line number Diff line number Diff line change
Expand Up @@ -90,8 +90,18 @@ static void
relabel_dir_for_upper (const char *upper_path, const char *real_path, gboolean is_dir)
{
#ifdef HAVE_SELINUX
/* Ignore ENOENT, because if there is no file to relabel we can continue,
* systemd-sysusers runs in parallel and can create temporary files in /etc
* causing failures like:
* "Failed to relabel /etc/.#gshadowJzu4Rx: No such file or directory"
*/
if (selinux_restorecon (real_path, 0))
err (EXIT_FAILURE, "Failed to relabel %s", real_path);
{
if (errno == ENOENT)
return;

err (EXIT_FAILURE, "Failed to relabel %s", real_path);
}

if (!is_dir)
return;
Expand Down

0 comments on commit f280b12

Please sign in to comment.