gistfile1.txt

```
From d3ca224c4b7547b2cdfaa5808bc91cd74ffd1416 Mon Sep 17 00:00:00 2001
From: Colin Walters <[email protected]>
Date: Fri, 3 Apr 2020 21:23:03 +0000
Subject: [PATCH] wip

---
 .../dracut/modules.d/20live/live-generator    | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator
index ca7935e..dbae337 100755
--- a/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator
+++ b/overlay.d/05core/usr/lib/dracut/modules.d/20live/live-generator
@@ -26,6 +26,7 @@ fi
 add_requires sysroot.mount     initrd-root-fs.target
 add_requires sysroot-etc.mount initrd-root-fs.target
 add_requires sysroot-var.mount initrd-root-fs.target
+add_requires sysroot-etc-var-label.service initrd-root-fs.target
 
 add_requires coreos-liveiso-network-kargs.service              initrd.target
 add_requires coreos-liveiso-reconfigure-nm-wait-online.service initrd.target
@@ -145,3 +146,21 @@ Where=/sysroot/var
 Type=none
 Options=bind
 EOF
+
+# Ensure the etc_t/var_t types for the overlayfs dir is set; see also
+# https://github.com/ostreedev/ostree/pull/763
+# This is also like how we handle relabeling in Ignition.
+cat >"${UNIT_DIR}/sysroot-etc-var-label.service" << EOF
+[Unit]
+DefaultDependencies=false
+ConditionPathExists=/sysroot/etc/selinux/targeted/
+After=sysroot-etc.mount
+After=sysroot-var.mount
+
+Before=ignition-mount.service
+
+[Service]
+RemainAfterExit=yes
+Type=oneshot
+ExecStart=/sbin/setfiles -r /sysroot /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/etc /sysroot/var
+EOF
-- 
2.24.1

```