[systemd-devel] socket activation selinux context on create
Lennart Poettering
lennart at poettering.net
Fri Sep 2 14:13:45 UTC 2022
On Fr, 02.09.22 09:04, Ted Toth (txtoth at gmail.com) wrote:
> I have set the type for the port in question using the 'semanage port'
> command so the loaded policy has a type which systemd should use when
> calling setsockcreatecon. It is my opinion that
> socket_determine_selinux_label function should query policy for the
> port type and if it has been set use it and if not fallback to its
> current behavior.
Sure, patch very welcome.
SELinux code really requires external contributions, none of the core
developers know SELinux too well to do feel confident to implement
that.
(consider filing an RFE issue on github, so that this is tracked)
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list