dns-hatchet: apply resolv.conf's selinux context to new resolv.conf

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

contrib/dns-hatchet/hatchet.bash

@@ -17,9 +17,11 @@ set_dns() {
 		printf 'nameserver %s\n' "${DNS[@]}"
 		} | unshare -m --propagation shared bash -c "$(cat <<-_EOF
 			set -e
+			context="\$(stat -c %C /etc/resolv.conf 2>/dev/null)" || unset context
 			mount --make-private /dev/shm
 			mount -t tmpfs none /dev/shm
 			cat > /dev/shm/resolv.conf
+			[[ -z \$context || \$context == "?" ]] || chcon "\$context" /dev/shm/resolv.conf 2>/dev/null || true
 			mount -o remount,ro /dev/shm
 			mount -o bind,ro /dev/shm/resolv.conf /etc/resolv.conf
 		_EOF