Set the selinux context during the install (#228)

* Set the selinux context
2024-06-07 19:41:36 +00:00 · 2019-03-22 13:51:59 -07:00 · 2019-03-22 13:51:59 -07:00 · 397ae335fd
commit 397ae335fd
parent 9dd60779a4
1 changed files with 11 additions and 1 deletions
--- a/install.sh
+++ b/install.sh
@ -10,7 +10,7 @@ set -e
 #   Installing a server without an agent:
 #     curl ... | INSTALL_K3S_EXEC="--disable-agent" sh -
 #   Installing an agent to point at a server:
-#     curl ... | K3S_TOKEN=xxx K3S_URL=https://server-url:6443 sh -  
+#     curl ... | K3S_TOKEN=xxx K3S_URL=https://server-url:6443 sh -
 #
 # Environment variables:
 #   - K3S_*
@ -262,6 +262,16 @@ setup_binary() {
    info "Installing k3s to ${BIN_DIR}/k3s"
    $SUDO chown root:root ${TMP_BIN}
    $SUDO mv -f ${TMP_BIN} ${BIN_DIR}/k3s
+
+    if command -v getenforce > /dev/null 2>&1; then
+        if [ "Disabled" != `getenforce` ]; then
+            info "SeLinux is enabled, setting permissions"
+            if ! $SUDO semanage fcontext -l | grep "${BIN_DIR}/k3s" > /dev/null 2>&1; then
+                $SUDO semanage fcontext -a -t bin_t "${BIN_DIR}/k3s"
+            fi
+            $SUDO restorecon -v ${BIN_DIR}/k3s > /dev/null
+        fi
+    fi
 }

 # --- download and verify k3s ---