diff options
| author | d. johnson <fenris02@fedoraproject.org> | 2014-06-11 16:11:52 -0500 |
|---|---|---|
| committer | d. johnson <fenris02@fedoraproject.org> | 2014-06-11 16:11:52 -0500 |
| commit | c62ebb3c64058f6b671cd1093d4c533100103b84 (patch) | |
| tree | 4dcdc4e064ca44ac8bbb872df88ca28193d2bd95 | |
| parent | 5be6c5d281d89208cb3ed5f2175f404f1ded3eaf (diff) | |
| download | cleanup-c62ebb3c64058f6b671cd1093d4c533100103b84.tar.gz cleanup-c62ebb3c64058f6b671cd1093d4c533100103b84.tar.xz cleanup-c62ebb3c64058f6b671cd1093d4c533100103b84.zip | |
Reset mode to the configured default instead of always Enforcing
| -rwxr-xr-x | reset-selinux.sh | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/reset-selinux.sh b/reset-selinux.sh index a95c579..6d0ad91 100755 --- a/reset-selinux.sh +++ b/reset-selinux.sh @@ -13,6 +13,10 @@ if [ "$(/usr/bin/whoami)" != "root" ]; then exit 1 fi +# Collect default selinux mode before beginning +SELINUX=1 +[ -f /etc/selinux/config ] && . /etc/selinux/config + [ -x /usr/sbin/setenforce ] || yum install -y libselinux-utils /usr/sbin/setenforce 0 @@ -21,7 +25,7 @@ fi /bin/mv /etc/selinux/targeted ${TMPDIR}/targeted.${DS} /usr/bin/install -d -m 0755 -o root -g root /etc/selinux/targeted -/usr/bin/yum reinstall -y \ +/usr/bin/yum reinstall -y --noplugins --enablerepo=updates-testing \ libselinux{,-python,utils} \ policycoreutils{,-newrole,-restorecond,-sandbox} \ selinux-policy{,-targeted} \ @@ -33,6 +37,7 @@ fi echo "Resetting selinux labels for packaged files ... this may take some time." time /sbin/fixfiles -R -a restore -/usr/sbin/setenforce 1 +/usr/sbin/setenforce $SELINUX +echo "You should reboot now." #EOF |