[systemd-devel] Patch for Smack labelling support in udev
Colin Walters
walters at verbum.org
Wed May 8 06:13:58 PDT 2013
On Wed, 2013-05-08 at 11:16 +0000, Reshetova, Elena wrote:
> The functionality and reasoning is inside. I will be happy to answer
> any questions.
Why is this different from how SELinux works? There from what I can
see there's a centralized API to look up the expected label for a given
filename (selabel_lookup_raw), and then set the target label for newly
created files in the current thread (setfscreatecon). That way we're
ensuring the file is created atomically with that label.
So why is is SMACK different here, and could it fit into what already
exists in src/shared/label.c ?
More information about the systemd-devel
mailing list