|
Hi SELinux experts, Thanks for reading my question. I know the whole file system could be relabeled if we touch /.autorelabel, then during system boots up rc.sysinit will go on to call relabel_selinux() function to fix the label for the whole file system, however, this happens after rc.sysinit has called start_udev, which will mount tmpfs onto /dev/ and take the responsibility to restorecon it properly. So how do we make sure those native device nodes under /dev/* such as /dev/console and /dev/null being properly labeled? They would be accessed by the hostname or mount program before rc.sysinit calls start_udev(when the tmpfs has not been mounted and labeled on /dev/). Thanks and best regards, Harry 使用Messenger保护盾2.0,支持多账号登录! 现在就下载! |
