[systemd-devel] [PATCH] Smack enabled systems need /dev special devices correctly labeled

Michael Demeter michael.demeter at intel.com
Mon Oct 14 15:49:34 PDT 2013


Sorry Kay and Lennart,

I really had no idea what you meant by your question until I spoke to Auke..

I have since resubmitted the patch this time based against upstream 2.08.

Michael Demeter
Staff Security Engineer
Open Source Technology Center - SSG
Intel Corporation



On Oct 14, 2013, at 9:26 AM, Lennart Poettering <lennart at poettering.net> wrote:

> On Mon, 14.10.13 09:17, Michael Demeter (michael.demeter at intel.com) wrote:
> 
>> Smack is the simple mandatory access control, i.e. a LSM.
> 
> Kay knows that. He wanted to indicate that the option is called
> SECLABEL{smack}= now, and there's no SMACK= udev field.
>> 
>> On Oct 13, 2013, at 5:17 AM, Kay Sievers <kay at vrfy.org> wrote:
>> 
>>> On Sun, Oct 13, 2013 at 12:20 AM, Kok, Auke-jan H
>>> <auke-jan.h.kok at intel.com> wrote:
>>> 
>>>>> +KERNEL=="null",SMACK="*"
>>> 
>>> What is SMACK=?
>>> 
>>> (and add a space after the ',' please)
>>> 
>>> Kay
>> 
> 
> 
> 
>> _______________________________________________
>> systemd-devel mailing list
>> systemd-devel at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> 
> 
> 
> Lennart
> 
> -- 
> Lennart Poettering - Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20131014/0cf71eb2/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 8497 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20131014/0cf71eb2/attachment-0001.bin>


More information about the systemd-devel mailing list