On Monday 29 December 2008 18:12, "xing li" <lixing.1006@xxxxxxxxx> wrote: > I have download the upstart source code from ubuntu > http://packages.ubuntu.com/, (hardy) > but i have't found the selinux relevant code in it. I am so confused that > how the /sbin/init invoke > the "load_policy" function during system initialization? http://etbe.coker.com.au/2008/07/24/se-linux-policy-loading/ I have described all the issues at the above blog post. Use SysVInit and the patch is there. If you want to use Upstart then you could patch it yourself (it's just a matter of copying a couple of chunks of code from SysVInit). Another option is to use the wrapper script hack that I used ages ago on Cobalt machines. Just boot the kernel with init=/sbin/init-wrapper and then have /sbin/init-wrapper be a shell script like the following: #!/bin/bash /usr/sbin/load_policy exec /sbin/init Messing with the initrd is just a bad idea, such things are not going to happen in Debian. In fact, why not just use Debian? I think that overall the result you get will be a lot better if you use Debian instead of Ubuntu for running SE Linux. -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
