On 09/11/2015 12:43 PM, Divya Vyas wrote: > Hi Dominick, > > I have a question, What is role of policy.29/28/27 . If I understand > correctly It is a binary policy called while kernel booting. Is is > symbolic lick with policy.kern. The suffix indicates the policy format version; the version number is also contained within the file header but having it as a file name suffix is convenient for supporting multiple versions on the same system (e.g. for booting different kernels) and for allowing userspace to select the right file without having to parse it. It isn't normally just a symlink. In Android, we dispensed with the policy version suffix and just called it "sepolicy" because we could ensure that the kernel and userspace were aligned and that the policy file would always be compatible with the kernel. We also had to move it out of /etc and into / so that it could be loaded before the /system partition was mounted, since /etc in Android is just a symlink to /system/etc and is not available immediately. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
