[systemd-devel] [PATCH] Add SELinuxContext configuration item
Lennart Poettering
lennart at poettering.net
Sat Dec 28 05:30:56 PST 2013
On Fri, 27.12.13 23:26, misc at zarb.org (misc at zarb.org) wrote:
> From: Michael Scherer <misc at zarb.org>
>
> This permit to let system administrators decide of the domain of a service.
> This can be used with templated units to have each service in a différent
> domain ( for example, a per customer database, using MLS or anything ),
> or can be used to force a non selinux enabled system (jvm, erlang, etc)
> to start in a different domain for each service.
Hmm, so far (as I understood it) the SELinux guys always wanted to make
sure that label configuration stays in the the selinux database and
nowhere else.
I'd like Dan Walsh's opinion whether this addition fits into what the
SELinux guys want or not. Dan?
Patch looks fine though.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list