Interesting hack to run a script early in init after fs mounting on CentOS
torriem at gmail.com
Tue Sep 10 22:54:34 MDT 2013
So on my little box here, I want to set up a bunch of things in /var to
run in tmpfs. Nowadays on modern Linuxes like Fedora or Ubuntu, they
already do, and /var/run and /var/lock are both symlinks into /run. But in
CentOS and RHEL this isn't done yet. So I needed a script that would
populate my tmpfs folders properly and make sure they are labeled
correctly for SELinux.

The problem is fstab just sets up tmpfs with the default tmpfs labels,
and it doesn't populate the folders for me, obviously. So I needed a
way to do this early in the boot process. So what I did was make a
script that I called /sbin/mount.runtmpfs and in that script I copied
the right files (from a backup location that I'll periodically update),
and set the SELinux labels. Then to get it to run I just added an entry
to /etc/fstab like so:

    dummy /run runtmpfs defaults 0 0

/run has to exist (and I use it as a backup for my files I wish to
populate, much like how /run is used on Fedora or Ubuntu).

Now every boot, tmpfs is mounted, then my script runs and everything sets
up long before any of the init scripts and daemons run, and I didn't
have to modify /etc/rc.sysinit either.

I am left with one problem, though. SELinux is flagging my script
because it doesn't have rights to relabel. Can I label a shell script
to grant permissions or do I have to make a wrapper binary that does it?
Any ideas from the SELinux experts?
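
A mount helper of the kind described in the post could look like the following. This is an added example, not the poster's script: the seed directory /var/lib/runtmpfs-seed and the function names are assumptions, while the argument layout is the one mount(8) uses when it calls /sbin/mount.<type>.

```shell
#!/bin/sh
# Added example of /sbin/mount.runtmpfs; not the poster's script.
# mount(8) runs a helper as: mount.<type> spec dir [-sfnv] [-o options]
# SEED_DIR is an assumed on-disk location holding the files to copy in.
SEED_DIR="${SEED_DIR:-/var/lib/runtmpfs-seed}"

# Parse the helper calling convention; sets TARGET, OPTS and NOMTAB.
parse_args() {
    [ "$#" -ge 2 ] || return 1
    TARGET=$2; OPTS=defaults; NOMTAB=
    shift 2
    while [ "$#" -gt 0 ]; do
        case "$1" in
            -o) [ "$#" -ge 2 ] || return 1; OPTS=$2; shift ;;
            -t) [ "$#" -ge 2 ] || return 1; shift ;;  # type.subtype, unused
            -n) NOMTAB=-n ;;        # do not write /etc/mtab
            -[sfv]) ;;              # accepted, nothing to do here
            *) return 1 ;;
        esac
        shift
    done
}

# Copy the seed tree (dotfiles included) with modes and owners preserved,
# then reset labels from the loaded policy when SELinux is enabled.
populate() {
    seed=$1; target=$2
    [ -d "$seed" ] && [ -d "$target" ] || return 1
    cp -a "$seed/." "$target/" || return 1
    if command -v selinuxenabled >/dev/null 2>&1 && selinuxenabled; then
        restorecon -R "$target" || return 1
    fi
}

main() {
    parse_args "$@" || { echo "usage: mount.runtmpfs spec dir [-o opts]" >&2; return 2; }
    # NOMTAB is left unquoted on purpose: it is either empty or "-n".
    mount $NOMTAB -t tmpfs -o "$OPTS" tmpfs "$TARGET" || return 32  # 32 = mount failure
    populate "$SEED_DIR" "$TARGET"
}

# Run only when invoked under the helper name, so the functions can be sourced.
case "${0##*/}" in
    mount.runtmpfs) main "$@" ;;
esac
```

The restorecon call runs in whatever SELinux domain the helper itself runs in, so it only succeeds where policy allows that domain to relabel the target files.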