[systemd-devel] [PATCH] Add SELinuxContext configuration item
Kay Sievers
kay at vrfy.org
Fri Jan 3 13:41:33 PST 2014
On Fri, Jan 3, 2014 at 6:21 PM, Zbigniew Jędrzejewski-Szmek
<zbyszek at in.waw.pl> wrote:
>> And not make it SELinux specific. Maybe the field could be SecurityLabel:
>>
>> That would allow smack to also use the field and any other LSM that used a
>> labeling system.
> This would make it impossible to use the same unit file with more than
> one security framework. This might be desirable, even if they cannot be enabled
> at the same time.
Udev uses:
SECLABEL{selinux}="foo"
SECLABEL{smack}="bar"
I think we should be able to distinguish the LSM-module-specific label
type somehow in the key or value.
Kay
More information about the systemd-devel
mailing list