oracle template: fix selinux context on symlinks in /dev

This fixes sshd getting an avc on traversing the /dev/ptmx symlink (was default_t) Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

oracle template: fix selinux context on symlinks in /dev
c944b920 · Dwight Engen · Serge Hallyn · 67e5a20a · c944b920
Commit c944b920 authored Oct 17, 2013 by Dwight Engen Committed by Serge Hallyn Oct 17, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

lxc-oracle.in templates/lxc-oracle.in +4 -0

No files found.
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@@ -288,6 +288,10 @@ EOF
    if [ $container_rootfs != "/" -a -d $dev_path ]; then
        rm -rf $dev_path
        mkdir -p $dev_path
+        if which chcon >/dev/null 2>&1 ; then
+            # ensure symlinks created in /dev have the right context
+            chcon -t device_t $dev_path
+        fi
    fi
    mknod -m 666  $dev_path/null c 1 3
    mknod -m 666  $dev_path/zero c 1 5