X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fselinux-setup.c;h=9ff27dcd77f03f0a1b7ab016d60deb3121b3e252;hp=b2beb33d1f34d379aac37a8c37a699e77bbc46c9;hb=114a50f898a89bd7784c215ac5df95ec8c45a905;hpb=1829dc9dc5f38cd1aaa43912de56c3bb5d8b5617

diff --git a/src/selinux-setup.c b/src/selinux-setup.c
index b2beb33d1..9ff27dcd7 100644
--- a/src/selinux-setup.c
+++ b/src/selinux-setup.c
@@ -39,14 +39,14 @@ int selinux_setup(char *const argv[]) {
        int enforce = 0;
 
        /* Already initialized? */
-       if (path_is_mount_point("/selinux") > 0)
+       if (path_is_mount_point("/sys/fs/selinux") > 0 ||
+           path_is_mount_point("/selinux") > 0)
                return 0;
 
        /* Before we load the policy we create a flag file to ensure
-        * that after the reexec we iterate through /dev to relabel
-        * things. */
-       mkdir_p("/dev/.systemd", 0755);
-       touch("/dev/.systemd/relabel-devtmpfs");
+        * that after the reexec we iterate through /run and /dev to
+        * relabel things. */
+       touch("/dev/.systemd-relabel-run-dev");
 
        if (selinux_init_load_policy(&enforce) == 0) {
                log_debug("Successfully loaded SELinux policy, reexecuting.");
@@ -59,9 +59,9 @@ int selinux_setup(char *const argv[]) {
                return -errno;
 
        } else {
-               log_full(enforce > 0 ? LOG_ERR : LOG_DEBUG, "Failed to load SELinux policy.");
+               log_full(enforce > 0 ? LOG_ERR : LOG_WARNING, "Failed to load SELinux policy.");
 
-               unlink("/dev/.systemd/relabel-devtmpfs");
+               unlink("/dev/.systemd-relabel-run-dev");
 
                if (enforce > 0)
                        return -EIO;