From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from goalie.tycho.ncsc.mil (goalie [144.51.3.250]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id p6JKYMVK014082 for ; Tue, 19 Jul 2011 16:34:22 -0400 Received: from cp-out9.libero.it (localhost [127.0.0.1]) by msux-gh1-uea02.nsa.gov (8.12.10/8.12.10) with ESMTP id p6JKYLl2025297 for ; Tue, 19 Jul 2011 20:34:21 GMT Subject: Re: [PATCH] Further clarification of the usage of run_init in the manual page From: Guido Trentalancia To: Eric Paris Cc: selinux@tycho.nsa.gov Date: Tue, 19 Jul 2011 22:34:18 +0200 In-Reply-To: References: <1311105066.2550.21.camel@vortex> Content-Type: text/plain; charset="UTF-8" Message-ID: <1311107658.2550.29.camel@vortex> Mime-Version: 1.0 Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov Hi Eric, thanks very much for your time. On Tue, 2011-07-19 at 16:12 -0400, Eric Paris wrote: > Patch added to my 'soon to be in fedora' tree. I hope to slowly move > everything from my tree into the upstream tree and review from others > is done. > > side note: I tend to add pam_rootok to run_init so I don't have to be > interactive. It's a nice idea/tip which could be potentially appreciated by many and therefore I'd be quite keen to create a new patch and add a note about it to the manual page, if it wasn't for the uncertainty of what would happen if one day the pam_rootok module disappears, changes its name or whatever else. At the end it's an external dependency that has nothing to do with SELinux... > -Eric Regards, Guido > On Tue, Jul 19, 2011 at 3:51 PM, Guido Trentalancia > wrote: > > It's a very minor thing really, but I believe (on the basis of an > > off-list question) that the manual page for policycoreutils/run_init can > > be improved by the following short patch which aims to further clarify > > the intended usage of such tool and mention that it caters for one > > (somewhat hidden) compile-time option. > > > > diff -pruN selinux-09062011/policycoreutils/run_init/run_init.8 selinux-09062011-run_init-auth-manpage/policycoreutils/run_init/run_init.8 > > --- selinux-09062011/policycoreutils/run_init/run_init.8 2011-05-09 01:04:17.075842476 +0200 > > +++ selinux-09062011-run_init-auth-manpage/policycoreutils/run_init/run_init.8 2011-06-09 23:06:53.350242852 +0200 > > @@ -9,6 +9,8 @@ run_init \- run an init script in the pr > > .PP > > Run a init script under the proper context, which is specified in > > /etc/selinux/POLICYTYPE/contexts/initrc_context. > > +It is generally used interactively as it requires either shadow or > > +PAM user authentication (depending on compile-time options). > > .SH FILES > > /etc/passwd - user account information > > .br > > > > > > > > -- > > This message was distributed to subscribers of the selinux mailing list. > > If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with > > the words "unsubscribe selinux" without quotes as the message. > > > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.