From c62ebb3c64058f6b671cd1093d4c533100103b84 Mon Sep 17 00:00:00 2001
From: "d. johnson" <fenris02@fedoraproject.org>
Date: Wed, 11 Jun 2014 16:11:52 -0500
Subject: Reset mode to the configured default instead of always Enforcing

---
 reset-selinux.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/reset-selinux.sh b/reset-selinux.sh
index a95c579..6d0ad91 100755
--- a/reset-selinux.sh
+++ b/reset-selinux.sh
@@ -13,6 +13,10 @@ if [ "$(/usr/bin/whoami)" != "root" ]; then
   exit 1
 fi
 
+# Collect default selinux mode before beginning
+SELINUX=1
+[ -f /etc/selinux/config ] && . /etc/selinux/config
+
 [ -x /usr/sbin/setenforce ] || yum install -y libselinux-utils
 /usr/sbin/setenforce 0
 
@@ -21,7 +25,7 @@ fi
 
 /bin/mv /etc/selinux/targeted ${TMPDIR}/targeted.${DS}
 /usr/bin/install -d -m 0755 -o root -g root /etc/selinux/targeted
-/usr/bin/yum reinstall -y \
+/usr/bin/yum reinstall -y --noplugins --enablerepo=updates-testing \
   libselinux{,-python,utils} \
   policycoreutils{,-newrole,-restorecond,-sandbox} \
   selinux-policy{,-targeted} \
@@ -33,6 +37,7 @@ fi
 echo "Resetting selinux labels for packaged files ... this may take some time."
 time /sbin/fixfiles -R -a restore
 
-/usr/sbin/setenforce 1
+/usr/sbin/setenforce $SELINUX
+echo "You should reboot now."
 
 #EOF
-- 
cgit