-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Basically looking at compressing the policy file to shrink SELinux footprint
in the minimal install/cloud image.
Currently the policy modules (pp files) are shipped with bzip compression but
the actually policy file.
But the /etc/selinux/targeted/policy/policy.29 is not compressed. systemd and
load_policy use libselinux to read in the policy file and load it into the
kernel, so since systemd currently uses libxz, I figured this would be the
best solution to add libxz support to libselinux.
ls -l /etc/selinux/targeted/policy/policy.29*
- -rw-r--r--. 1 root root 2703245 Sep 11 13:56
/etc/selinux/targeted/policy/policy.29
- -rw-r--r--. 1 root root 395072 Sep 11 13:56
/etc/selinux/targeted/policy/policy.29.xz
Worth the effort?
Should I use a different algorithm?
Advise on using libxz? Keep memory small?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIxqzoACgkQrlYvE4MpobMnkACgk+NeEeHuFSECZwoHF9B3UmTb
fCYAn2BfSemECcSPXIxCd7OCSkyIOXgO
=ZD3h
-----END PGP SIGNATURE-----
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
If the loss of time when loading selinux-policy (not a one policy module, but all of them) will not be large, it is worth it :)
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
