init-storage: Set SELinux context for /var

This label needs to be applied before the subvolume is mounted initially to prevent AVC denials.
2023-03-12 10:30:34 -05:00
parent a84df60b4a
commit cb7e0a5819
1 changed files with 1 additions and 0 deletions
--- a/overlay/usr/libexec/init-storage
+++ b/overlay/usr/libexec/init-storage
@@ -27,6 +27,7 @@ format_dev() {

    mount "${dev}" "${tmpdir}" || exit
    btrfs subvolume create "${tmpdir}"/var || exit
+    chcon -t var_t "${tmpdir}"/var || exit
    umount "${dev}" || exit
 }