From mboxrd@z Thu Jan 1 00:00:00 1970 From: Luke Kenneth Casson Leighton Date: Wed, 11 Aug 2004 14:25:38 +0000 Subject: server-based system for file context restoration Message-Id: <20040811142538.GA12278@lkcl.net> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: SE-Linux , Linux Hotplug Dev List this may sound a little weird, but i believe it to be a possible solution to the amount of time taken to do an selinux context restore. the issue is that udev is designed to call out to separate programs to perform the task of adding new devices. consequently, optimisations that rely on cacheing by a single process (e.g. russell's suggestion to cache the return result of is_selinux_enabled() and also the cacheing performed by the setfilecon() function) are not activated / taken advantage of. therefore, there needs to be a persistent process around that performs device creation. to that end, two possible methods could be used: 1) udevd exec's udev_add which sticks around, and udevd communicates to it via a pipe, sending the names of devices to create via stdin. 2) similar trick but with setfiles or restorecon instead, this time setfiles or restorecon being turned into a "server" which can listen on, say, a unix-domain-socket, or via shared memory. i hate to suggest the use of udev because udev is not as fast as it could be - yet. millisecond response time is called for / expected, and udev is presently taking like ... one second to start up. l. -- -- Truth, honesty and respect are rare commodities that all spring from the same well: Love. If you love yourself and everyone and everything around you, funnily and coincidentally enough, life gets a lot better. -- lkcl.net
lkcl@lkcl.net
------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net Linux-hotplug-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel