[systemd-devel] [PATCH] selinux: Only attempt to load policy exactly once, in the real root
Eric Paris
eparis at parisplace.org
Thu Feb 20 11:27:19 PST 2014
I like it, if it's reasonable/possible
On Thu, Feb 20, 2014 at 2:26 PM, Lennart Poettering
<lennart at poettering.net> wrote:
> On Thu, 20.02.14 13:50, Eric Paris (eparis at parisplace.org) wrote:
>
>> Not really. If it doesn't exist on the final root fs and I put
>> enforcing=1 on the command line, I expect the box to
>> panic/fail/die/whatever....
>
> OK, then maybe check "!in_initrd() || access("/etc/selinux/", F_OK) >= 0"?
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list