Apps running in the second stage may expect to have 'normal' files in /etc or /var. By staging it this way, they can just be kept in the second stage, and copied to the first stage at runtime, rather than having to keep them in the first stage. We can't symlink to /mnt/runtime/etc or /mnt/runtime/var, because the second stage isn't writable. /etc/selinux is still symlinked, because it's huge.
---
 loader2/loader.c | 9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/loader2/loader.c b/loader2/loader.c
index 90a1e0c..8810fc9 100644
--- a/loader2/loader.c
+++ b/loader2/loader.c
@@ -1708,10 +1708,15 @@ int main(int argc, char ** argv) {
 url = doLoaderMain("/mnt/source", &loaderData, modInfo, modLoaded, &modDeps);
 if (!FL_TESTING(flags)) {
+ int ret;
+ /* unlink dirs and link to the ones in /mnt/runtime */
 migrate_runtime_directory("/usr");
 migrate_runtime_directory("/lib");
 migrate_runtime_directory("/lib64");
+ ret = symlink("/mnt/runtime/etc/selinux", "/etc/selinux");
+ copyDirectory("/mnt/runtime/etc","/etc", copyWarnFn, copyErrorFn);
+ copyDirectory("/mnt/runtime/var","/var", copyWarnFn, copyErrorFn);
 }
 /* now load SELinux policy before exec'ing anaconda and the shell
@@ -1721,10 +1726,6 @@ int main(int argc, char ** argv) {
 logMessage(ERROR, "failed to mount /selinux: %s, disabling SELinux", strerror(errno));
 flags &= ~LOADER_FLAGS_SELINUX;
 } else {
- /* FIXME: this is a bad hack for libselinux assuming things
- * about paths */
- int ret;
- ret = symlink("/mnt/runtime/etc/selinux", "/etc/selinux");
 if (loadpolicy() == 0) {
 setexeccon(ANACONDA_CONTEXT);
 } else {
--
1.5.3.4
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
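Review bot: The result of `symlink("/mnt/runtime/etc/selinux", "/etc/selinux")` in the first hunk is stored in `ret` and never read, and the second hunk removes the call that used to sit directly before `loadpolicy()`, so a failed link is now silent until policy loading fails later. I would log it where it happens, e.g. `if (symlink("/mnt/runtime/etc/selinux", "/etc/selinux") < 0) logMessage(ERROR, "failed to symlink /etc/selinux: %s", strerror(errno));`, which also lets the unused `ret` go. The following `copyDirectory("/mnt/runtime/etc","/etc", ...)` then runs over a tree whose `selinux` entry is already a link into the read-only second stage; how copyDirectory treats an existing symlink at the destination is not visible in this hunk, so that ordering deserves a short comment or a check that it skips the entry rather than writing through the link. `main` starts and ends outside both hunks.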