[systemd-devel] [PATCH 1/1] Add SELinux support to systemd-nspawn
Lennart Poettering
lennart at poettering.net
Tue Feb 4 05:22:02 PST 2014
On Thu, 30.01.14 16:28, Daniel J Walsh (dwalsh at redhat.com) wrote:
Heya,
Please also add these options to the man page...
> + " -L --filelabel=LABEL Set the MAC file label to be used by tmpfs file systems in container\n"
> + " -Z --processlabel=LABEL Set the MAC Label to be
> used by processes in container\n"
So far we used dashes to seperate words in switches. "--file-label="
sounds more appropriate hence than "--filelabel". Hmm, we try to be
conservative with short options, and use them only for the stuff that
people are likely to invoke frequently from the interative command
line. Does --file-label= and --process-label= really qualify for that?
> + case 'L':
> + if (asprintf(&file_label,",context=\"%s\"",> optarg) < 0)
Hmm, it would appear nicer to me to do the format string thing where we
actually use the label, rather than this early already. In fact, if you
just store the label directly we can avoid allocations here, and just
assign a pointer to the optarg value directly...
Also, so far we prefixed all variables that filled in by the command
line with "arg_". It would be good to maintain this style here.
Otherwise looks OK!
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list