* How does policy loading work at bootup?
@ 2014-05-04 5:23 dE
2014-05-05 11:59 ` Christopher J. PeBenito
0 siblings, 1 reply; 4+ messages in thread
From: dE @ 2014-05-04 5:23 UTC (permalink / raw)
To: selinux
Does the kernel automatically searches for and reads the policies in
hard coded locations or does some userspace tool does that at startup
via init/systemd scripts/units?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How does policy loading work at bootup?
2014-05-04 5:23 How does policy loading work at bootup? dE
@ 2014-05-05 11:59 ` Christopher J. PeBenito
2014-05-06 5:46 ` dE
2014-05-06 6:49 ` dE
0 siblings, 2 replies; 4+ messages in thread
From: Christopher J. PeBenito @ 2014-05-05 11:59 UTC (permalink / raw)
To: dE, selinux
On 05/04/2014 01:23 AM, dE wrote:
> Does the kernel automatically searches for and reads the policies in hard coded locations or does some userspace tool does that at startup via init/systemd scripts/units?
A long long time ago (before SELinux was accepted into Linus's tree), the kernel used to read the policy itself. Now it is loaded by userspace, typically either by the init program, or by the initramfs.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How does policy loading work at bootup?
2014-05-05 11:59 ` Christopher J. PeBenito
@ 2014-05-06 5:46 ` dE
2014-05-06 6:49 ` dE
1 sibling, 0 replies; 4+ messages in thread
From: dE @ 2014-05-06 5:46 UTC (permalink / raw)
To: selinux
On 05/05/14 17:29, Christopher J. PeBenito wrote:
> On 05/04/2014 01:23 AM, dE wrote:
>> Does the kernel automatically searches for and reads the policies in hard coded locations or does some userspace tool does that at startup via init/systemd scripts/units?
> A long long time ago (before SELinux was accepted into Linus's tree), the kernel used to read the policy itself. Now it is loaded by userspace, typically either by the init program, or by the initramfs.
>
Is it the semodule utility?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: How does policy loading work at bootup?
2014-05-05 11:59 ` Christopher J. PeBenito
2014-05-06 5:46 ` dE
@ 2014-05-06 6:49 ` dE
1 sibling, 0 replies; 4+ messages in thread
From: dE @ 2014-05-06 6:49 UTC (permalink / raw)
To: selinux
[-- Attachment #1: Type: text/plain, Size: 523 bytes --]
On 05/05/14 17:29, Christopher J. PeBenito wrote:
> On 05/04/2014 01:23 AM, dE wrote:
>> Does the kernel automatically searches for and reads the policies in hard coded locations or does some userspace tool does that at startup via init/systemd scripts/units?
> A long long time ago (before SELinux was accepted into Linus's tree), the kernel used to read the policy itself. Now it is loaded by userspace, typically either by the init program, or by the initramfs.
>
Got it. It's load_policy.
Thanks for the assistance.
[-- Attachment #2: Type: text/html, Size: 1233 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-05-06 6:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-04 5:23 How does policy loading work at bootup? dE
2014-05-05 11:59 ` Christopher J. PeBenito
2014-05-06 5:46 ` dE
2014-05-06 6:49 ` dE
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.