PREIN
/bin/sh
if [ $1 -ne 1 ] && [ -s /etc/selinux/config ]; then
. /etc/selinux/config;
FILE_CONTEXT=/etc/selinux/mls/contexts/files/file_contexts;
if [ "${SELINUXTYPE}" = mls -a -f ${FILE_CONTEXT} ]; then
[ -f ${FILE_CONTEXT}.pre ] || cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.pre;
fi;
touch /etc/selinux/mls/.rebuild;
if [ -e /etc/selinux/mls/.policy.sha512 ]; then
sha512=`sha512sum /etc/selinux/mls/modules/active/policy.kern | cut -d ' ' -f 1`;
checksha512=`cat /etc/selinux/mls/.policy.sha512`;
if [ "$sha512" == "$checksha512" ] ; then
rm /etc/selinux/mls/.rebuild;
fi;
fi;
fi;
POSTIN
/bin/sh
. /etc/selinux/config;
if [ -e /etc/selinux/mls/.rebuild ]; then
rm /etc/selinux/mls/.rebuild;
(cd /etc/selinux/mls/modules/active/modules; rm -f gnomeclock.pp matahari.pp xfs.pp kudzu.pp kerneloops.pp execmem.pp openoffice.pp ada.pp tzdata.pp hal.pp hotplug.pp howl.pp java.pp mono.pp moilscanner.pp gamin.pp audio_entropy.pp audioentropy.pp iscsid.pp polkit_auth.pp polkit.pp rtkit_daemon.pp ModemManager.pp telepathysofiasip.pp ethereal.pp passanger.pp qpidd.pp pyzor.pp razor.pp pki-selinux.pp phpfpm.pp consoletype.pp)
/usr/sbin/semodule -B -n -s mls;
else
touch /etc/selinux/mls/modules/active/modules/sandbox.disabled
fi;
[ "${SELINUXTYPE}" == "mls" ] && selinuxenabled && load_policy;
if [ $1 -eq 1 ]; then
/sbin/restorecon -R /root /var/log /var/run 2> /dev/null;
else
. /etc/selinux/config;
FILE_CONTEXT=/etc/selinux/mls/contexts/files/file_contexts;
/usr/sbin/selinuxenabled;
if [ $? = 0 -a "${SELINUXTYPE}" = mls -a -f ${FILE_CONTEXT}.pre ]; then
/sbin/fixfiles -C ${FILE_CONTEXT}.pre restore 2> /dev/null;
/sbin/restorecon -e /run/media -R /root /var/log /var/run /etc/passwd* /etc/group* 2> /dev/null;
rm -f ${FILE_CONTEXT}.pre;
restorecon -R /home/*/.cache /home/*/.config 2> /dev/null;
fi;fi;