On Monday 10 May 2010 09:24:59 Steve Langasek wrote: > And you don't have to use an initramfs; the same result could be achieved > with a shim init on the root filesystem that does nothing but set up the > SELinux context correctly and then exec upstart.
That's what I did years ago when we first stopped making the SE Linux kernel code load the policy from disk (kernel code isn't supposed to access files). I had a shim named /sbin/init which loaded the policy (if necessary) and then executed init. Of course that shim was run every time you ran "telinit u" which was a minor annoyance. Another possible way of running it was to use the init=/sbin/shiminit option when booting the kernel, but some boot loaders (such as that of the Cobalt Qube I used for testing) made that unreasonably difficult. Diverting init and changing the boot loader are both things it's best to avoid if possible. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201005211057.54568.russ...@coker.com.au