-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/04/2010 05:54 AM, Lennart Poettering wrote: > On Wed, 28.07.10 09:39, Daniel J Walsh ([email protected]) wrote: > >> Here is the updated patch with a fix for the labeling of /dev/autofs > > Patch applied and in v5. > > I have rearranged some things a little bit, and made one change which I > think is kinda important: > >> + >> +#if HAVE_SELINUX >> + if (use_selinux()) { >> + label_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0); >> + if (label_hnd != 0) { > > I turned this around, i.e. "if (!label_hnd)". > >> + log_error("Failed to initialize SELinux Context "); >> + r = (security_getenforce() == 1) ? -errno: 0; >> + } >> + } >> +#endif > > Hope that change makes sense? > > Lennart > Definitely. I will fix up policy to work with this and hopefully people will be able to boot systemd in enforcing mode. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkxZffAACgkQrlYvE4MpobOwtACgwMKViCUMxxYK77jKeOvkc+Ff NwoAoMlLsIArBHuewh/r+XP/dSl4pq+O =9Qw+ -----END PGP SIGNATURE----- _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
