selinux-autorelabel: enable labeling during build

Previously, system using systemd would label selinux contexts on first boot. While system using sysvinit would label during build. Add a variable FIRST_BOOT_RELABEL as a switch to control labeling to make the behavior of sysvinit and systemd consistent. Set FIRST_BOOT_RELABEL to 1 in local.conf to enable labeling on first boot. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
2026-01-01 13:58:04 +00:00 · 2023-09-22 10:22:35 +08:00 · 2023-09-22 10:22:35 +08:00 · e29104086e
commit e29104086e
parent 46ec0414b4
1 changed files with 3 additions and 3 deletions
--- a/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
+++ b/recipes-security/selinux-scripts/selinux-autorelabel_0.1.bb
@ -20,7 +20,7 @@ INITSCRIPT_PARAMS = "start 01 S ."
 require selinux-initsh.inc

 do_install:append() {
-	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
-		echo "# first boot relabelling" > ${D}/.autorelabel
-	fi
+    if ${@bb.utils.contains('FIRST_BOOT_RELABEL', '1', 'true', 'false', d)}; then
+        echo "# first boot relabelling" > ${D}/.autorelabel
+    fi
 }