On Wed, 2007-12-12 at 11:20 -0800, Casey Schaufler wrote: > --- David Howells <dhowells@xxxxxxxxxx> wrote: > > > Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > > > > > You may need to have an application, say cachefileselinuxcontext, that will > > > read the current policy and spit out an appropriate value of "<whatever>", > > > but that can be separate and LSM specific without mucking up your basic > > > infrastructure applications. > > > > What would I do with such a thing? How would it get run? Spat out to where? > > Put it in /etc/init.d/cachefiles and run it at boot time. Put the > result into /etc/cachefiles.conf. Have cachefilesd read it and pass > it downward. More likely, run it at build time in your .spec file to generate cachefiles.conf, then run it again maybe upon a policy update or if the user selects a different policy. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
