Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patch speeds up semanage command from 17-20 seconds to 3-4 seconds.
Hi Dan! Some suggestions below, if I can still remember correctly how this was supposed to work: One issue with the patch is that it makes an already large and hard to maintain function even larger - it would be better to split it up and make it modular instead. Likely "merge_components" and "commit_components" should be changed to pass the components to merge or commit as arguments - so you can operate on file and policydb components separately. The "attach" calls shouldn't really be needed, since you're not re-writing the policydb, or changing ports/bools/etc. It would be better to change the rest of the code, so that the attach calls become unnecessary in this code path. On the other hand the code that parses out seusers/fcontexts/users_extra info from the module package may be necessary, so that your local seusers/fcontexts/users_extra changes are properly merged with the shipped policy files - these are the "write_file" sections above. - Ivan -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
