#include "selinux-setup.h"
#include "ima-setup.h"
#include "fileio.h"
+#include "smack-setup.h"
static enum {
ACTION_RUN,
}
if (!skip_setup) {
+ mount_setup_early();
if (selinux_setup(&loaded_policy) < 0)
goto finish;
if (ima_setup() < 0)
goto finish;
+ if (smack_setup() < 0)
+ goto finish;
}
if (label_init(NULL) < 0)
}
r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, false, &error, &default_unit_job);
- if (r < 0) {
- log_error("Failed to start default target: %s", bus_error(&error, r));
+ if (r == -EPERM) {
+ log_error("Default target could not be isolated, starting instead: %s", bus_error(&error, r));
+ dbus_error_free(&error);
+
+ r = manager_add_job(m, JOB_START, target, JOB_REPLACE, false, &error, &default_unit_job);
+ if (r < 0) {
+ log_error("Failed to start default target: %s", bus_error(&error, r));
+ dbus_error_free(&error);
+ goto finish;
+ }
+ } else if (r < 0) {
+ log_error("Failed to isolate default target: %s", bus_error(&error, r));
dbus_error_free(&error);
goto finish;
}
+
m->default_unit_job_id = default_unit_job->id;
after_startup = now(CLOCK_MONOTONIC);
~ianmdlvl / elogind.git / blobdiff