On Tue, 2006-02-07 at 02:18 +0100, Kay Sievers wrote: > The udev event processes, the ones that actually create the device node > are just clones of the main daemon, they run the same code, the same > memory as the main daemon, they don't exec() anything. So everything that > is available in the main daemon before the event process is forked, will > also be available in the event process itself while it is creating the > node. > > That's the reason I was asking, cause it sounds like the current selinux > integration could be optimized. Seems there is no need for any pipe or other > ipc, if selinux is fine with the inherited state from the daemon. Yes, in that case, performing the matchpathcon_init_prefix call once in the main daemon would likely be fine. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
