From a4baa58563a7f835322ef29e255cbfcb91ccc423 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Wed, 15 Mar 2023 20:53:02 -0500
Subject: [PATCH] Read /etc/fstab to determine data partition

Rather than hard-code the GPT partition label into the `init-storage`
and `factory-reset` scripts, these now determine the block device by
reading `/etc/fstab` and using the device specified for `/var`.
---
 overlay/usr/libexec/factory-reset                            | 2 +-
 overlay/usr/libexec/init-storage                             | 2 +-
 repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te | 2 ++
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/overlay/usr/libexec/factory-reset b/overlay/usr/libexec/factory-reset
index 0144043..a88adce 100755
--- a/overlay/usr/libexec/factory-reset
+++ b/overlay/usr/libexec/factory-reset
@@ -1,7 +1,7 @@
 #!/bin/sh
 # vim: set sw=4 ts=4 sts=4 et :
 
-DATAPART=PARTLABEL=dch-data
+DATAPART=$(awk '$2=="/var"{print $1}' /etc/fstab)
 
 seq 1 30
 
diff --git a/overlay/usr/libexec/init-storage b/overlay/usr/libexec/init-storage
index bbb8726..043cd32 100755
--- a/overlay/usr/libexec/init-storage
+++ b/overlay/usr/libexec/init-storage
@@ -71,7 +71,7 @@ setup_etc() {
     umount "${tmpdir}"
 }
 
-datapart=$(findfs PARTLABEL=dch-data)
+datapart=$(findfs $(awk '$2=="/var"{print $1}' /etc/fstab))
 if [ -b "${datapart}" ]; then
     printf 'Found data partition: %s\n' "${datapart}"
 else
diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
index a26fb35..5cce26a 100644
--- a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
+++ b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
@@ -45,6 +45,7 @@ files_runtime_filetrans(aimee_storinit_t, aimee_storinit_runtime_t, dir)
 
 corecmd_exec_bin(aimee_storinit_t)
 
+files_read_etc_files(aimee_storinit_t)
 storage_raw_read_fixed_disk(aimee_storinit_t)
 fstools_domtrans(aimee_storinit_t)
 mount_exec(aimee_storinit_t)
@@ -201,6 +202,7 @@ allow aimee_factory_reset_t self:fifo_file rw_fifo_file_perms;
 corecmd_exec_bin(aimee_factory_reset_t)
 dev_read_sysfs(aimee_factory_reset_t)
 kernel_read_system_state(aimee_factory_reset_t)
+files_read_etc_files(aimee_factory_reset_t)
 fstools_exec(aimee_factory_reset_t)
 fstools_manage_runtime_files(aimee_factory_reset_t)
 miscfiles_read_localization(aimee_factory_reset_t)