On Sat, Apr 30, 2011 at 02:54, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote: > On Fri, 29.04.11 17:46, Greg KH (greg@xxxxxxxxx) wrote: > >> > > I think /srv actually makes a lot of sense. Probably not so much on the >> > > desktop, but the boundaries are blurry, and I see no reason to set >> > > things up differently in this respect between servers and desktops. I >> > > see little benefit in removing this directory. >> > > >> > I think moving /selinux is Âa bit more complicated then just a simple >> > kernel change. ÂWe have libselinux changes, Lots of tools have learned >> > over the years the path of /selinux and lots of users know about it. >> > >> > I am willing to work towards the goal of moving /selinux, but I might >> > end up with a symbolic link if we can not fix all of the problems. >> >> A symbolic link from /selinux to point at /sys/fs/selinux/ is a good >> idea to help people migrate. ÂThe startup tools should be able to create >> this if /sys/fs/selinux/ is not present, right? > > This is not necessarily easy to do actually, since for upgraded systems > /selinux needs to be an actual directory in the rootfs to be useful as > mount points. At boot time the rootfs is read-only, hence removing the > dir then and turning it into a symlink is difficult. > > However, we can use the same approach as we did for moving /var/run to > /run: on new installs create it as a symlink and on upgrades simply make > it a bind mount. > > For the long run we could also add %post scripts to filesystem.rpm which > moves away the old /selinux, and recreates it as symlink. Unfortunately > that cannot be done completely atomic, but that property is not really > necessary here anyway I think. > > So, yeah, it isn't super-pretty doing this move, but we can handle it > more or less exactly like the /var/run â /run move. Sounds all fine. I think we should get the kernel patch merged as soon as possible. It will not harm anything if we don't use it now, and continue to use /selinux as long as needed. But it will definitely help solving the chicken egg problem when we are ready to do the switch. Kay -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel