From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
To: SE-Linux <selinux@tycho.nsa.gov>,
Linux Hotplug Dev List
<linux-hotplug-devel@lists.sourceforge.net>
Subject: [patch] udev-selinux: restores file security context and sets mode in matchpathcon
Date: Tue, 03 Aug 2004 15:26:23 +0000 [thread overview]
Message-ID: <20040803152623.GE4043@lkcl.net> (raw)
okay, updated.
this is an experimental patch.
- records former security context
- assumes any file creates (directories, symlinks, nodes) are hunky-dory
and going to be the only file creates
- restores former security context.
matchpathcon mode on:
- directories (for the mkdirs) uses S_IFDIR
- inodes (for the mknod) uses the mode passed in.
- symlinks uses S_IFDIR
the reason for using this patch is because of speed:
if matchpathcon is used in the same process, the lookups etc.
are cached.
a reason for _not_ using this patch is for a udev in initrd
where the smaller klibc is used. it would be necessary to add
rexeg to klibc and to compile a special libselinux1 with it.
if you do not intend to put udev into an initrd, this patch is
perfectly acceptable for use.
l.
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
WARNING: multiple messages have this Message-ID (diff)
From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
To: SE-Linux <selinux@tycho.nsa.gov>,
Linux Hotplug Dev List
<linux-hotplug-devel@lists.sourceforge.net>
Subject: [patch] udev-selinux: restores file security context and sets mode in matchpathcon
Date: Tue, 3 Aug 2004 16:26:23 +0100 [thread overview]
Message-ID: <20040803152623.GE4043@lkcl.net> (raw)
okay, updated.
this is an experimental patch.
- records former security context
- assumes any file creates (directories, symlinks, nodes) are hunky-dory
and going to be the only file creates
- restores former security context.
matchpathcon mode on:
- directories (for the mkdirs) uses S_IFDIR
- inodes (for the mknod) uses the mode passed in.
- symlinks uses S_IFDIR
the reason for using this patch is because of speed:
if matchpathcon is used in the same process, the lookups etc.
are cached.
a reason for _not_ using this patch is for a udev in initrd
where the smaller klibc is used. it would be necessary to add
rexeg to klibc and to compile a special libselinux1 with it.
if you do not intend to put udev into an initrd, this patch is
perfectly acceptable for use.
l.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next reply other threads:[~2004-08-03 15:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-03 15:26 Luke Kenneth Casson Leighton [this message]
2004-08-03 15:26 ` [patch] udev-selinux: restores file security context and sets mode in matchpathcon Luke Kenneth Casson Leighton
2004-08-04 9:33 ` [patch] udev-selinux: restores file security context and sets Hannes Reinecke
2004-08-04 11:09 ` [patch] udev-selinux: restores file security context and sets mode in matchpathcon Luke Kenneth Casson Leighton
2004-08-04 11:09 ` Luke Kenneth Casson Leighton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040803152623.GE4043@lkcl.net \
--to=lkcl@lkcl.net \
--cc=linux-hotplug-devel@lists.sourceforge.net \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.