[systemd-devel] Patch for Smack labelling support in udev
Lennart Poettering
lennart at poettering.net
Thu Jun 20 12:08:17 PDT 2013
On Wed, 19.06.13 12:09, Reshetova, Elena (elena.reshetova at intel.com) wrote:
> >>>> This is the patch for review for enabling smack labelling for device
> nodes.
> >>>>
> >>>> The functionality and reasoning is inside. I will be happy to answer
> >>>> any questions.
> >>>
> >>> So, this needs some HAVE_SMACK ifdeffery at least.
> >>>
> >>> That said, I wonder if we should instead make this a generic
> >>> XATTR{foobar}="waldo" thing. Kay?
> >>>
> >>
> >> Any update for this? if we use SMACK for udev, it requires it.
>
> >Lennart's suggestion seems more than reasonable - it would make it generic
> enough to do:
>
> > XATTR{security.SMACK64}="label"
>
> >which I think is all we need here. Elena, do you need help respinning this?
>
> Sorry for the silence, it seems like I totally missed these replies (got
> buried in my mailbox)!
>
> Sure, I can make a change, but I am not exactly sure what you mean by this:
> " XATTR{security.SMACK64}="label"". Adding simple HAVE_SMACK ifdeffery is
> easy, but the later part I didn't really understand.
Well, we just want this to be a bit more generic. i.e. we want a generic
XATTR{} concept for udev rules, so that you can set any kind of xattrs,
not just the ones SMACK needs. That way we can nicely handle the SMACK
case, but possibly also handle a lot of other cases where people just
want to use xattrs. Also the SMACK-specific ifdeffery then just becomes
an XATTR-specific ifdeffery...
> If it is just longer to explain it to me, Auke, you can go ahead and make a
> change and I will just learn from looking into it :) Unfortunately, I don't
> know systemd code well enough.
Well, you did the initial patch, right? Changing this to be this tiny
bit mor expressive should be easy. But anyway, I'll let you an Auke
figure this out...
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list