On Wed, Aug 26 2009, Philipp Kern wrote:
> On Tue, Aug 25, 2009 at 02:07:50PM +0200, Michael Biebl wrote:
>> - I would include the selinux initramfs bits in one of the selinux packages,
>> so
>> people not using selinux won't get the additional bloat. Btw, it would be
>> good
>> to have hard numbers, by what size the initramfs increases. I don't use
>> selinux,
>> so I can't tell.
>
> libselinux.so.1 is already included in the initramfs. However looking
> at load_policy's NEEDED list I also get libsepol.so.1. load_policy itself
> is only 7k, which is ignoreable, but libsepol.so.1 is huge with its 241k.
> I suppose that it's needed to actually parse policy?
Yes. From the long description of libsepol1:
--8<---------------cut here---------------start------------->8---
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing policy
boolean settings.
--8<---------------cut here---------------end--------------->8---
manoj
--
Why not go out on a limb? Isn't that where the fruit is?
Manoj Srivastava <[email protected]> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
