Information about selinuxfs

All of lore.kernel.org
 help / color / mirror / Atom feed

* Information about selinuxfs
@ 2003-12-12 12:47 Carlos Anísio Monteiro
  2003-12-12 13:43 ` Stephen Smalley
  2003-12-12 13:55 ` Information about selinuxfs Russell Coker
  0 siblings, 2 replies; 5+ messages in thread
From: Carlos Anísio Monteiro @ 2003-12-12 12:47 UTC (permalink / raw)
  To: selinux

Helo.

A information about the selinuxfs filesystem.
The directory name and the path to mount o selinuxfs must be alway /selinux.
A change on this name (/selinux) only affect the sysvinit and initrd, 
what set the directory name and path, or it will cause others problems ?

Many thanks.


-- 
Carlos Anisio Monteiro  <monteiro@ipen.br>
IPEN/CNEN-SP
Sao Paulo - Brasil



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Information about selinuxfs
  2003-12-12 12:47 Information about selinuxfs Carlos Anísio Monteiro
@ 2003-12-12 13:43 ` Stephen Smalley
  2003-12-12 15:43   ` [patch] Change libselinux to discover selinuxfs mount point via /proc/mounts (Was: Re: Information about selinuxfs) Stephen Smalley
  2003-12-12 13:55 ` Information about selinuxfs Russell Coker
  1 sibling, 1 reply; 5+ messages in thread
From: Stephen Smalley @ 2003-12-12 13:43 UTC (permalink / raw)
  To: Carlos Anísio Monteiro; +Cc: selinux

On Fri, 2003-12-12 at 07:47, Carlos Anísio Monteiro wrote:
> Helo.
> 
> A information about the selinuxfs filesystem.
> The directory name and the path to mount o selinuxfs must be alway /selinux.
> A change on this name (/selinux) only affect the sysvinit and initrd, 
> what set the directory name and path, or it will cause others problems ?

libselinux expects selinuxfs to be mounted on /selinux for the various
security_* calls.  However, someone recently suggested that we change
libselinux to discover the selinuxfs mount point at runtime from
/proc/mounts, which would allow you to change the mount point without
requiring a patch and rebuild for libselinux.

There have been suggestions to move the selinuxfs mount point from
/selinux to somewhere else, e.g. /security/selinux, but no final
decision yet.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [patch] Change libselinux to discover selinuxfs mount point via /proc/mounts (Was:  Re: Information about selinuxfs)
  2003-12-12 13:43 ` Stephen Smalley
@ 2003-12-12 15:43   ` Stephen Smalley
  2003-12-18 18:00     ` Stephen Smalley
  0 siblings, 1 reply; 5+ messages in thread
From: Stephen Smalley @ 2003-12-12 15:43 UTC (permalink / raw)
  To: Carlos Anísio Monteiro; +Cc: selinux, Russell Coker, Daniel J Walsh

[-- Attachment #1: Type: text/plain, Size: 1367 bytes --]

On Fri, 2003-12-12 at 08:43, Stephen Smalley wrote:
> libselinux expects selinuxfs to be mounted on /selinux for the various
> security_* calls.  However, someone recently suggested that we change
> libselinux to discover the selinuxfs mount point at runtime from
> /proc/mounts, which would allow you to change the mount point without
> requiring a patch and rebuild for libselinux.

The attached patch makes the change described above to libselinux.  A
constructor function determines the selinuxfs mount point from
/proc/mounts during initialization, and this mount point directory is
then used by the libselinux functions.  This eliminates the need to
rebuild libselinux in the future if the mount point changes.

 libselinux/src/check_context.c   |    6 +++
 libselinux/src/compute_av.c      |    5 ++-
 libselinux/src/compute_create.c  |    5 ++-
 libselinux/src/compute_relabel.c |    5 ++-
 libselinux/src/compute_user.c    |    5 ++-
 libselinux/src/getenforce.c      |    5 ++-
 libselinux/src/init.c            |   62 +++++++++++++++++++++++++++++++++++++++
 libselinux/src/load_policy.c     |    6 +++
 libselinux/src/policy.h          |    3 +
 libselinux/src/policyvers.c      |    5 ++-
 libselinux/src/setenforce.c      |    5 ++-
 11 files changed, 103 insertions(+), 9 deletions(-)

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

[-- Attachment #2: libselinux.patch --]
[-- Type: text/x-patch, Size: 8240 bytes --]

Index: selinux-usr/libselinux/src/check_context.c
diff -u selinux-usr/libselinux/src/check_context.c:1.2 selinux-usr/libselinux/src/check_context.c:1.3
--- selinux-usr/libselinux/src/check_context.c:1.2	Tue Apr 29 17:09:21 2003
+++ selinux-usr/libselinux/src/check_context.c	Fri Dec 12 10:29:05 2003
@@ -4,14 +4,18 @@
 #include <stdlib.h>
 #include <errno.h>
 #include <string.h>
+#include <stdio.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_check_context(security_context_t con)
 {
+	char path[PATH_MAX];
 	int fd, ret;
 
-	fd = open(SELINUXMNT "context", O_RDWR);
+	snprintf(path, sizeof path, "%s/context", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0)
 		return -1;
 
Index: selinux-usr/libselinux/src/compute_av.c
diff -u selinux-usr/libselinux/src/compute_av.c:1.5 selinux-usr/libselinux/src/compute_av.c:1.6
--- selinux-usr/libselinux/src/compute_av.c:1.5	Mon Dec  1 14:28:32 2003
+++ selinux-usr/libselinux/src/compute_av.c	Fri Dec 12 10:29:05 2003
@@ -8,6 +8,7 @@
 #include <asm/page.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_compute_av(security_context_t scon,
 			security_context_t tcon,
@@ -15,11 +16,13 @@
 			access_vector_t requested,
 			struct av_decision *avd)
 {
+	char path[PATH_MAX];
 	char *buf;
 	size_t len;
 	int fd, ret;
 
-	fd = open(SELINUXMNT "access", O_RDWR);
+	snprintf(path, sizeof path, "%s/access", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0) 
 		return -1;
 
Index: selinux-usr/libselinux/src/compute_create.c
diff -u selinux-usr/libselinux/src/compute_create.c:1.7 selinux-usr/libselinux/src/compute_create.c:1.8
--- selinux-usr/libselinux/src/compute_create.c:1.7	Thu Jul 17 10:38:06 2003
+++ selinux-usr/libselinux/src/compute_create.c	Fri Dec 12 10:29:05 2003
@@ -8,17 +8,20 @@
 #include <asm/page.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_compute_create(security_context_t scon,
 			    security_context_t tcon,
 			    security_class_t tclass,
 			    security_context_t *newcon)
 {
+	char path[PATH_MAX];
 	char *buf;
 	size_t size;
 	int fd, ret;
 
-	fd = open(SELINUXMNT "create", O_RDWR);
+	snprintf(path, sizeof path, "%s/create", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0)
 		return -1;
 
Index: selinux-usr/libselinux/src/compute_relabel.c
diff -u selinux-usr/libselinux/src/compute_relabel.c:1.7 selinux-usr/libselinux/src/compute_relabel.c:1.8
--- selinux-usr/libselinux/src/compute_relabel.c:1.7	Thu Jul 17 10:38:06 2003
+++ selinux-usr/libselinux/src/compute_relabel.c	Fri Dec 12 10:29:05 2003
@@ -8,17 +8,20 @@
 #include <asm/page.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_compute_relabel(security_context_t scon,
 			    security_context_t tcon,
 			    security_class_t tclass,
 			    security_context_t *newcon)
 {
+	char path[PATH_MAX];
 	char *buf;
 	size_t size;
 	int fd, ret;
 
-	fd = open(SELINUXMNT "relabel", O_RDWR);
+	snprintf(path, sizeof path, "%s/relabel", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0)
 		return -1;
 
Index: selinux-usr/libselinux/src/compute_user.c
diff -u selinux-usr/libselinux/src/compute_user.c:1.5 selinux-usr/libselinux/src/compute_user.c:1.6
--- selinux-usr/libselinux/src/compute_user.c:1.5	Mon Dec  1 14:28:32 2003
+++ selinux-usr/libselinux/src/compute_user.c	Fri Dec 12 10:29:05 2003
@@ -8,18 +8,21 @@
 #include <asm/page.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_compute_user(security_context_t scon,
 			  const char *user,
 			  security_context_t **con)
 {
+	char path[PATH_MAX];
 	char **ary;
 	char *buf, *ptr;
 	size_t size;
 	int fd, ret;
 	unsigned int i, nel;
 
-	fd = open(SELINUXMNT "user", O_RDWR);
+	snprintf(path, sizeof path, "%s/user", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0)
 		return -1;
 
Index: selinux-usr/libselinux/src/getenforce.c
diff -u selinux-usr/libselinux/src/getenforce.c:1.1 selinux-usr/libselinux/src/getenforce.c:1.2
--- selinux-usr/libselinux/src/getenforce.c:1.1	Tue Oct 21 15:40:40 2003
+++ selinux-usr/libselinux/src/getenforce.c	Fri Dec 12 10:29:05 2003
@@ -7,13 +7,16 @@
 #include <selinux/selinux.h>
 #include "policy.h"
 #include <stdio.h>
+#include <limits.h>
 
 int security_getenforce(void)
 {
 	int fd, ret, enforce = 0;
+	char path[PATH_MAX];
 	char buf[20];
 
-	fd = open(SELINUXMNT "enforce", O_RDONLY);
+	snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
+	fd = open(path, O_RDONLY);
 	if (fd < 0)
 		return -1;
 
Index: selinux-usr/libselinux/src/init.c
diff -u /dev/null selinux-usr/libselinux/src/init.c:1.1
--- /dev/null	Fri Dec 12 10:30:01 2003
+++ selinux-usr/libselinux/src/init.c	Fri Dec 12 10:29:05 2003
@@ -0,0 +1,62 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <selinux/selinux.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <ctype.h>
+#include <asm/page.h>
+
+char *selinux_mnt = NULL;
+
+static void init_selinuxmnt(void) __attribute__ ((constructor));
+
+static void init_selinuxmnt(void)
+{
+	char *buf, *p;
+	size_t size;
+	int fd;
+	ssize_t ret;
+
+	if (selinux_mnt)
+		return;
+
+	fd = open("/proc/mounts", O_RDONLY);
+	if (fd < 0)
+		return;
+
+	size = PAGE_SIZE;
+	buf = malloc(size);
+	if (!buf)
+		goto out;
+		
+	memset(buf, 0, size);
+
+	ret = read(fd, buf, size - 1);
+	if (ret < 0)
+		goto out2;
+
+	p = strstr(buf, "selinuxfs");
+	if (!p)
+		goto out2;
+
+	p--;
+	*p = 0;
+	p--;
+
+	while (p > buf && !isspace(*p))
+		p--;
+
+	if (isspace(*p))
+		p++;
+
+	selinux_mnt = strdup(p);
+
+out2:
+	free(buf);
+out:
+	close(fd);
+	return;
+
+}
+ 
Index: selinux-usr/libselinux/src/load_policy.c
diff -u selinux-usr/libselinux/src/load_policy.c:1.2 selinux-usr/libselinux/src/load_policy.c:1.3
--- selinux-usr/libselinux/src/load_policy.c:1.2	Tue Apr 29 17:09:21 2003
+++ selinux-usr/libselinux/src/load_policy.c	Fri Dec 12 10:29:05 2003
@@ -2,15 +2,19 @@
 #include <sys/types.h>
 #include <fcntl.h>
 #include <stdlib.h>
+#include <stdio.h>
 #include <errno.h>
 #include <selinux/selinux.h>
 #include "policy.h"
+#include <limits.h>
 
 int security_load_policy(void *data, size_t len)
 {
+	char path[PATH_MAX];
 	int fd, ret;
 	
-	fd = open(SELINUXMNT "load", O_RDWR);
+	snprintf(path, sizeof path, "%s/load", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0) 
 		return -1;
 
Index: selinux-usr/libselinux/src/policy.h
diff -u selinux-usr/libselinux/src/policy.h:1.4 selinux-usr/libselinux/src/policy.h:1.5
--- selinux-usr/libselinux/src/policy.h:1.4	Tue Oct 21 15:40:40 2003
+++ selinux-usr/libselinux/src/policy.h	Fri Dec 12 10:29:06 2003
@@ -9,6 +9,9 @@
 /* Initial length guess for getting contexts. */
 #define INITCONTEXTLEN 255
 
+/* selinuxfs mount point */
+extern char *selinux_mnt;
+
 #endif
 
 
Index: selinux-usr/libselinux/src/policyvers.c
diff -u selinux-usr/libselinux/src/policyvers.c:1.1 selinux-usr/libselinux/src/policyvers.c:1.2
--- selinux-usr/libselinux/src/policyvers.c:1.1	Tue Oct 21 15:40:40 2003
+++ selinux-usr/libselinux/src/policyvers.c	Fri Dec 12 10:29:06 2003
@@ -7,16 +7,19 @@
 #include <selinux/selinux.h>
 #include <stdio.h>
 #include "policy.h"
+#include <limits.h>
 
 #define DEFAULT_POLICY_VERSION 15
 
 int security_policyvers(void)
 {
 	int fd, ret;
+	char path[PATH_MAX];
 	char buf[20];
 	unsigned vers = DEFAULT_POLICY_VERSION;
 
-	fd = open(SELINUXMNT "policyvers", O_RDONLY);
+	snprintf(path, sizeof path, "%s/policyvers", selinux_mnt);
+	fd = open(path, O_RDONLY);
 	if (fd < 0)
 		return vers;
 	memset(buf, 0, sizeof buf);
Index: selinux-usr/libselinux/src/setenforce.c
diff -u selinux-usr/libselinux/src/setenforce.c:1.1 selinux-usr/libselinux/src/setenforce.c:1.2
--- selinux-usr/libselinux/src/setenforce.c:1.1	Tue Oct 21 15:40:40 2003
+++ selinux-usr/libselinux/src/setenforce.c	Fri Dec 12 10:29:06 2003
@@ -7,13 +7,16 @@
 #include <selinux/selinux.h>
 #include "policy.h"
 #include <stdio.h>
+#include <limits.h>
 
 int security_setenforce(int value)
 {
 	int fd, ret;
+	char path[PATH_MAX];
 	char buf[20];
 
-	fd = open(SELINUXMNT "enforce", O_RDWR);
+	snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
+	fd = open(path, O_RDWR);
 	if (fd < 0)
 		return -1;
 

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [patch] Change libselinux to discover selinuxfs mount point via /proc/mounts (Was:  Re: Information about selinuxfs)
  2003-12-12 15:43   ` [patch] Change libselinux to discover selinuxfs mount point via /proc/mounts (Was: Re: Information about selinuxfs) Stephen Smalley
@ 2003-12-18 18:00     ` Stephen Smalley
  0 siblings, 0 replies; 5+ messages in thread
From: Stephen Smalley @ 2003-12-18 18:00 UTC (permalink / raw)
  To: Carlos Anísio Monteiro; +Cc: selinux, Russell Coker, Daniel J Walsh

[-- Attachment #1: Type: text/plain, Size: 1103 bytes --]

On Fri, 2003-12-12 at 10:43, Stephen Smalley wrote:
> The attached patch makes the change described above to libselinux.  A
> constructor function determines the selinuxfs mount point from
> /proc/mounts during initialization, and this mount point directory is
> then used by the libselinux functions.  This eliminates the need to
> rebuild libselinux in the future if the mount point changes.

Dan Walsh pointed out that this patch to libselinux breaks the
SELinux-patched /sbin/init program, because:
a) when the init_selinuxmnt() constructor runs for /sbin/init, selinuxfs
has not yet been mounted, so selinux_mnt cannot be determined,
b) even if init_selinuxmnt() were explicitly called by /sbin/init after
performing the mount, it still cannot obtain the information from
/proc/mounts because /proc is not mounted yet.

An updated sysvinit-selinux.patch is attached; this patch causes
/sbin/init to explicitly set selinux_mnt to avoid this problem.  Dan has
updated RPMs on his page (under ftp://people.redhat.com/dwalsh/SELinux).

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

[-- Attachment #2: sysvinit-selinux.patch --]
[-- Type: text/plain, Size: 3309 bytes --]

--- sysvinit-2.85/src/Makefile.selinux	2003-12-18 10:59:15.184561444 -0500
+++ sysvinit-2.85/src/Makefile	2003-12-18 10:59:15.645514208 -0500
@@ -32,7 +32,7 @@
 all:		$(PROGS)
 
 init:		init.o init_utmp.o
-		$(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o
+		$(CC) $(LDFLAGS) $(STATIC) -o $@ init.o init_utmp.o -lselinux
 
 halt:		halt.o ifdown.o hddown.o utmp.o reboot.h
 		$(CC) $(LDFLAGS) -o $@ halt.o ifdown.o hddown.o utmp.o
@@ -62,7 +62,7 @@
 		$(CC) $(LDFLAGS) -o $@ bootlogd.o
 
 init.o:		init.c init.h set.h reboot.h
-		$(CC) -c $(CFLAGS) init.c
+		$(CC) -c $(CFLAGS) -DWITH_SELINUX init.c
 
 utmp.o:		utmp.c init.h
 		$(CC) -c $(CFLAGS) utmp.c
--- sysvinit-2.85/src/init.c.selinux	2003-12-18 10:59:15.590519844 -0500
+++ sysvinit-2.85/src/init.c	2003-12-18 11:01:06.370705686 -0500
@@ -78,6 +78,81 @@
 			sigemptyset(&sa.sa_mask); \
 			sigaction(sig, &sa, NULL); \
 		} while(0)
+#ifdef WITH_SELINUX
+#include <sys/mman.h>
+#include <selinux/selinux.h>
+#include <sys/mount.h>
+
+static int load_policy(int *enforce) 
+{
+  int fd=-1,ret=-1;
+  int rc=0;
+  struct stat sb;
+  void *map;
+  char policy_file[PATH_MAX];
+  int policy_version=0;
+  extern char *selinux_mnt;
+
+  log(L_VB, "Loading security policy\n");
+  if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0) {
+    if (errno == ENODEV) {
+      log(L_VB, "SELinux not supported by kernel: %s\n",SELINUXMNT,strerror(errno));
+    } 
+    else {
+      log(L_VB, "Failed to mount %s: %s\n",SELINUXMNT,strerror(errno));
+      return ret;
+    }
+    return ret; /* Never gets here */
+  }
+
+  selinux_mnt = SELINUXMNT; /* set manually since we mounted it */
+
+  policy_version=security_policyvers();
+  if (policy_version < 0) {
+    log(L_VB,  "Can't get policy version: %s\n", strerror(errno));
+    goto UMOUNT;
+  }
+  
+  rc=security_getenforce();
+  if (rc < 0) {
+    log(L_VB,  "Can't get SELinux enforcement flag: %s\n", strerror(errno));
+    goto UMOUNT;
+  } 
+  *enforce=rc;
+
+  snprintf(policy_file,sizeof(policy_file),"%s.%d",SELINUXPOLICY,policy_version);
+  fd = open(policy_file, O_RDONLY);
+  if (fd < 0) {
+    log(L_VB,  "Can't open '%s':  %s\n",
+	    policy_file, strerror(errno));
+    goto UMOUNT;
+  }
+  
+  if (fstat(fd, &sb) < 0) {
+    log(L_VB, "Can't stat '%s':  %s\n",
+	    policy_file, strerror(errno));
+    goto UMOUNT;
+  }
+  
+  map = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
+  if (map == MAP_FAILED) {
+    log(L_VB,  "Can't map '%s':  %s\n",
+	    policy_file, strerror(errno));
+    goto UMOUNT;
+  }
+  ret=security_load_policy(map, sb.st_size);
+  if (ret < 0) {
+    log(L_VB, "security_load_policy failed\n");
+  }
+
+ UMOUNT:
+  /*umount(SELINUXMNT); */
+  if ( fd >= 0) {
+    close(fd);
+  }
+  return(ret);
+}
+#endif
 
 /* Version information */
 char *Version = "@(#) init " VERSION "  " DATE "  miquels@cistron.nl";
@@ -2576,6 +2651,20 @@
 		maxproclen += strlen(argv[f]) + 1;
 	}
 
+#ifdef WITH_SELINUX
+  	if (getenv("SELINUX_INIT") == NULL) {
+	  putenv("SELINUX_INIT=YES");
+	  int enforce=0;
+	  if (load_policy(&enforce) == 0 ) {
+	    execv(myname, argv);
+	  } else {
+	    if (enforce) 
+	      /* SELinux in enforcing mode but load_policy failed */
+	      exit(1);
+	  }
+	}
+#endif
+  
 	/* Start booting. */
 	argv0 = argv[0];
 	argv[1] = NULL;

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Information about selinuxfs
  2003-12-12 12:47 Information about selinuxfs Carlos Anísio Monteiro
  2003-12-12 13:43 ` Stephen Smalley
@ 2003-12-12 13:55 ` Russell Coker
  1 sibling, 0 replies; 5+ messages in thread
From: Russell Coker @ 2003-12-12 13:55 UTC (permalink / raw)
  To: Carlos Anísio Monteiro, selinux

On Fri, 12 Dec 2003 23:47, Carlos Anísio Monteiro <monteiro@ipen.br> wrote:
> A information about the selinuxfs filesystem.
> The directory name and the path to mount o selinuxfs must be alway
> /selinux. A change on this name (/selinux) only affect the sysvinit and
> initrd, what set the directory name and path, or it will cause others
> problems ?

Every program that wants to verify the validity of a security context, load 
new security policy, check the version of the policy, or do almost any other 
operation that involves SE Linux will depend on the path.  So changing the 
mount point will require recompiling libselinux.

There has been some discussion about this, but so far no decision has been 
made.

Why do you want to change it and where do you think would be the best place?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2003-12-18 18:00 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-12-12 12:47 Information about selinuxfs Carlos Anísio Monteiro
2003-12-12 13:43 ` Stephen Smalley
2003-12-12 15:43   ` [patch] Change libselinux to discover selinuxfs mount point via /proc/mounts (Was: Re: Information about selinuxfs) Stephen Smalley
2003-12-18 18:00     ` Stephen Smalley
2003-12-12 13:55 ` Information about selinuxfs Russell Coker

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.