2011/4/4 Michal Schmidt <[email protected]>:
> On Mon, 04 Apr 2011 20:59:58 +0200 Alexander Boström wrote:
>> > If on the other hand / stays read-only for the whole duration of
>> > working with SELinux disabled, then no contexts will be harmed and
>> > relabeling will not be necessary.
>>
>> If / is ro but /var is rw then a relabel is still useful, right?
>>
>> And /var is more likely to be mounted rw than / is, so it would make
>> sense to store this flag somewhere in /var.
>>
>> Or even better, in each filesystem. (An xattr on the root inode?)
>
> hehe, I was rethinking this today and came to the same conclusion :-)
> i.e. that it really ought to be per-filesystem. I didn't think of
> using xattrs for this though. It's an interesting idea. I was
> thinking about adding a field to the fs superblock, but that would
> require kernel changes in several filesystems. xattr is easier.

We really need something here that is not tied to the / inode, because
we want to support r/o / or / on tmpfs with only the subdirs mounted
from disk. xattrs of / just have the same issues as /.-files, it's just
a different storage format regarding that problem.

Kay
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
