[systemd-devel] This patch adds SELinux support to systemd for socket creation.
Kay Sievers
kay.sievers at vrfy.org
Fri Jul 23 03:56:52 PDT 2010
On Fri, Jul 23, 2010 at 12:30, Daniel J Walsh <dwalsh at redhat.com> wrote:
> I though I saw avc's caused because systemd creating some devices with
> the wrong labels? I searched for mknod but found no calls. Does
> systemd create any nodes?
It should not create any nodes. Systemd depends on the
kernel-maintained devtmpfs for all device nodes.
Udev runs on top of devtmpfs and adjusts permissions/selinux context
in the background. Could there be a timing problem, that some nodes
which the kernel has created get accessed, but don't have the proper
context in the moment udev is still iterating over them?
Kay
More information about the systemd-devel
mailing list