From 9eb0a8517e2abe816f726f47cfb83c2870fa210f Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Tue, 18 Sep 2018 19:05:20 +0200
Subject: [PATCH] pre-pivot.sh: do it all by hand

---
 pre-pivot.sh | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/pre-pivot.sh b/pre-pivot.sh
index c161e5e..3b0691b 100644
--- a/pre-pivot.sh
+++ b/pre-pivot.sh
@@ -128,6 +128,15 @@ umount -l /run/initramfs/mnt
 #    [[ -f /sysroot/cfg/$i ]] && continue
 #    cp -a /sysroot/usr/share/factory/cfg/$i /sysroot/cfg/$i
 #done
+
 if [[ $FIRST_TIME ]]; then
-    chroot /sysroot bash -c '/usr/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev --exclude-prefix=/run --exclude-prefix=/tmp  --exclude-prefix=/etc 2>&1;  restorecon -R -v /cfg /var 2>&1'| vinfo
+    mount -o bind /sys /sysroot/sys
+    mount -t selinuxfs /sysroot/sys/fs/selinux
+    OLD_ENFORCE=$(getenforce)
+    setenforce 0
+    chroot /sysroot /usr/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev --exclude-prefix=/run --exclude-prefix=/tmp --exclude-prefix=/etc 2>&1 | vinfo
+    chroot /sysroot /usr/sbin/restorecon -m -vvvvv -F -R /cfg /var 2>&1 | vinfo
+    setenforce $OLD_ENFORCE
+    umount /sysroot/sys/fs/selinux
+    umount /sysroot/sys
 fi