MMCT TEAM
Server IP : 2a02:4780:3:2287:0:3736:a38e:8  /  Your IP : 216.73.216.63
Web Server : LiteSpeed
System : Linux sg-nme-web2187.main-hosting.eu 5.14.0-611.54.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Wed May 6 18:03:03 EDT 2026 x86_64
User : u926327694 ( 926327694)
PHP Version : 7.4.33
Disable Function : system, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF
Directory (0755) :  /../lib64/perl5/../../var/../lib/dracut/modules.d/30convertfs/../98selinux/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : //../lib64/perl5/../../var/../lib/dracut/modules.d/30convertfs/../98selinux/selinux-loadpolicy.sh
#!/usr/bin/sh

# FIXME: load selinux policy.  this should really be done after we switchroot

rd_load_policy() {
    # If SELinux is disabled exit now
    getarg "selinux=0" > /dev/null && return 0

    SELINUX="enforcing"
    # shellcheck disable=SC1090
    [ -e "$NEWROOT/etc/selinux/config" ] && . "$NEWROOT/etc/selinux/config"

    # Check whether SELinux is in permissive mode
    permissive=0

    if getarg "enforcing=0" > /dev/null || [ "$SELINUX" = "permissive" ]; then
        permissive=1
    fi

    # Attempt to load SELinux Policy
    if [ -x "$NEWROOT/usr/sbin/load_policy" -o -x "$NEWROOT/sbin/load_policy" ]; then
        local ret=0
        local out
        info "Loading SELinux policy"
        mount -o bind /sys "$NEWROOT"/sys
        # load_policy does mount /proc and /sys/fs/selinux in
        # libselinux,selinux_init_load_policy()
        if [ -x "$NEWROOT/sbin/load_policy" ]; then
            out=$(LANG=C chroot "$NEWROOT" /sbin/load_policy -i 2>&1)
            ret=$?
            info "$out"
        else
            out=$(LANG=C chroot "$NEWROOT" /usr/sbin/load_policy -i 2>&1)
            ret=$?
            info "$out"
        fi
        umount "$NEWROOT"/sys/fs/selinux
        umount "$NEWROOT"/sys

        if [ "$SELINUX" = "disabled" ]; then
            return 0
        fi

        if [ $ret -eq 0 -o $ret -eq 2 ]; then
            # If machine requires a relabel, force to permissive mode
            [ -e "$NEWROOT"/.autorelabel ] && LANG=C /usr/sbin/setenforce 0
            mount --rbind /dev "$NEWROOT/dev"
            LANG=C chroot "$NEWROOT" /sbin/restorecon -R /dev
            umount -R "$NEWROOT/dev"
            return 0
        fi

        warn "Initial SELinux policy load failed."
        if [ $ret -eq 3 -o $permissive -eq 0 ]; then
            warn "Machine in enforcing mode."
            warn "Not continuing"
            emergency_shell -n selinux
            exit 1
        fi
        return 0
    elif [ $permissive -eq 0 -a "$SELINUX" != "disabled" ]; then
        warn "Machine in enforcing mode and cannot execute load_policy."
        warn "To disable selinux, add selinux=0 to the kernel command line."
        warn "Not continuing"
        emergency_shell -n selinux
        exit 1
    fi
}

rd_load_policy

MMCT - 2023