init-storage: Set SELinux context for /var

This label needs to be applied before the subvolume is mounted initially
to prevent AVC denials.

overlay/usr/libexec/init-storage

@@ -27,6 +27,7 @@ format_dev() {
 
     mount "${dev}" "${tmpdir}" || exit
     btrfs subvolume create "${tmpdir}"/var || exit
+    chcon -t var_t "${tmpdir}"/var || exit
     umount "${dev}" || exit
 }