No program hard-depends on "secmark=" (not: no program depends on
procfs/nfct). That field does not show up if you have SECMARK
disabled - it is guarded by #ifdef - so any parsers out there
have to cater for its absence. In other words, it is safe to
remove the field from the output.
Why should that field be removed though - please give me a valid reason?
The earlier suggestion, by Eric, was to replace the value of it with its
proper text - this is how it should have been done in the first place!
I would prefer for the procfs interface to cease existing. At the
very least to be not added to any more, per consensus
http://markmail.org/message/h7qeomrtjjjtptio
See my earlier reply - I do not see the need to bloat my images and add
yet another set of tools for which I have no use whatsoever!
For what? For the dubious privilege to be able to see SELinux contexts
in text when I could continue to use secmark in the form in which it
should have been designed/developed in the first place - with its proper
SELinux context showing instead of that useless number?
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html