[systemd-devel] SMACK runtime vs build-time checks? (aka: tmp.mount broke my boot)
Andrei Borzenkov
arvidjaar at gmail.com
Sun Oct 18 00:22:20 PDT 2015
18.10.2015 07:01, Mantas Mikulėnas пишет:
> So far all existing SELinux and SMACK options had runtime checks – if
> systemd was built with +SMACK but the kernel wasn't, it still worked fine.
> (Arch uses such a configuration.)
>
> But then https://github.com/systemd/systemd/issues/1571 added an option to
> tmp.mount which only depends on the build-time option, which creates
> problems when booting a non-SMACK kernel...
>
> Any ideas on how to fix it? All previous such fixes were for API
> filesystems in mount-setup.c and could do flexible checks, but that clearly
> won't work for mount units.
>
Generator could be a solution if it were possible to augment Options
list. Generator itself would have build-time dependency and could add
options based on run-time checks.
More information about the systemd-devel
mailing list