[systemd-devel] [PATCH v4] socket: introduce SELinuxContextFromNet option
Lennart Poettering
lennart at poettering.net
Thu Oct 23 16:04:54 PDT 2014
On Wed, 03.09.14 19:39, Lennart Poettering (lennart at poettering.net) wrote:
Michal,
I reworked some parts of your patch a bit in current git, as
retrieving a label is something that cannot be made a NOP on
non-selinux-enabled systems. It either must fail with an error, or
return something useful, but the code so far was actually returning
success but rubbish... Hence I changed the code to return EOPNOTSUPP
when run without selinux, and then changed the code using this to
handle this error appropriately.
Anyway, I changed quite a few other things around as a follow-up. I
really hope I didn't break anything, but I can't test this, as I have
no real idea about the MLS stuff, and don't run this stuff. Hence, I
was wondering if you could test this again? I'd prefer not to release
this without a quick verification that I didn't break anything in that
code.
Thanks!
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list