[systemd-devel] Patch for Smack labelling support in udev
Kay Sievers
kay at vrfy.org
Mon Oct 7 17:33:53 PDT 2013
On Thu, Sep 12, 2013 at 10:13 PM, Kok, Auke-jan H
<auke-jan.h.kok at intel.com> wrote:
> On Thu, Sep 12, 2013 at 10:23 AM, Kay Sievers <kay at vrfy.org> wrote:
>> On Fri, Aug 9, 2013 at 8:56 PM, Kok, Auke-jan H
>> <auke-jan.h.kok at intel.com> wrote:
>>> On Wed, Jul 24, 2013 at 3:15 AM, Reshetova, Elena <elena.reshetova at intel.com> wrote:
>>
>>>> For example, I can set a couple of smack-related xattrs in one go like
>>>> XATTR{security.SMACK64}="*", XATTR{security.SMACK64EXEC}="*".
>>>> Doesn't make sense from smack point of view (only smack64 is really meaningful
>>>> on device nodes), but proves that functionality works.
>>>
>>> right, but we could be setting other non-SMACK xattrs now all in one
>>> go - for example, SELINUX ones ("security.selinux").
>>
>> Yeah, *looks* powerful, but also scary. :)
Udev now supports:
SECLABEL{smack}="name"
http://cgit.freedesktop.org/systemd/systemd/commit/?id=c26547d612733371494330e26c7d3604a5dba3d9
Please check if that works for you.
Thanks,
Kay
More information about the systemd-devel
mailing list