On 02/20/2014 08:49 AM, Colin Walters wrote: > This libselinux patch won't actually apply to git master of selinux, as > it's really on top of the Fedora libselinux package which is carrying a > patch to use LZMA compression. > > This is more of a RFC - I wrote these patches to debug a problem which > I've now (mostly) solved, but they may help someone else in the future... Agreed, we did the same in the corresponding function for Android policy loading. > One question - systemd git has this comment: > > /* Make sure we have no fds open while loading the policy and > * transitioning */ > log_close(); > > Introduced by this commit: > http://cgit.freedesktop.org/systemd/systemd/commit/?id=0b3325e7 > > Is that really necessary? Something relating to the labels of the fds? > If so, is there something we can do to allow logging? I could probably > change the systemd log handler to write to a memory buffer or something > if it's necessary. > > For reference I'm attaching my (currently somewhat unclean) systemd > patch as well. Probably just to avoid needing to allow the new context to use fds with the old context in policy, but likely not critical. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
