restorecon: do not set security.restorecon_last on ramfs and tmpfs
When setting the last value for restorecon, it should skip over the
ramfs and tmpfs, as setting last on non-persistent file systems
makes no sense. Notably, this avoids triggering a CAP_SYS_ADMIN
capability check and a SELinux setattr permission check to the
file when applying restorecon to ramfs or tmpfs filesystems.
Change-Id: I7e7ebaa9d62c7bc6a5587cc9c472dcb4a7a49513
Signed-off-by: William Roberts <william.c.roberts@intel.com>
1 file changed
