I am moving make_extra_nodes() to /lib/udev/create_extra_nodes.
Can /sbin/restorecon /dev/$name be called by this script (which will be
used by *both* the init script and postinst) or does it need to be
run by the init script (not my favourite choice)?
And what about cp --archive --update
On Wednesday 06 August 2008 22:03, Marco d'Itri [EMAIL PROTECTED] wrote:
I am moving make_extra_nodes() to /lib/udev/create_extra_nodes.
Can /sbin/restorecon /dev/$name be called by this script (which will be
used by *both* the init script and postinst) or does it need to be
run by the init
On Tuesday 05 August 2008 08:18, Marco d'Itri [EMAIL PROTECTED] wrote:
My proposal is to factor out the function which calls mknod, but keep
the parts which mount /dev etc as is.
That proposal satisfies most of my requirements and will be quite adequate for
Lenny.
Please make such a change at
On Jul 24, Russell Coker [EMAIL PROTECTED] wrote:
Exactly, which operations not permitted by initrc_t are being a problem
here? E.g. I see many other init script which mount stuff in /dev.
But no other scripts that create device nodes, or that mount /dev itself.
What about the init scripts
On Wednesday 23 July 2008 21:47, Marco d'Itri [EMAIL PROTECTED] wrote:
On Jul 23, Russell Coker [EMAIL PROTECTED] wrote:
If we exclude the simplest (and worst) option, then running
/etc/init.d/udev as udev_t would require changing run_init (which uses
initrc_t exclusively for the scripts it
On Jul 23, Russell Coker [EMAIL PROTECTED] wrote:
Exactly why can't you fix the SELinux policy?
If you define fix to mean make it work with the current udev script then
that would involve either running /etc/init.d/udev as udevd_t (which will
cause some issues with run_init)
What kind of
On Wednesday 23 July 2008 21:09, Marco d'Itri [EMAIL PROTECTED] wrote:
On Jul 23, Russell Coker [EMAIL PROTECTED] wrote:
Exactly why can't you fix the SELinux policy?
If you define fix to mean make it work with the current udev script
then that would involve either running
On Jul 23, Russell Coker [EMAIL PROTECTED] wrote:
If we exclude the simplest (and worst) option, then running /etc/init.d/udev
as udev_t would require changing run_init (which uses initrc_t exclusively
for the scripts it runs) or having run_init call /etc/init.d/udev-runner (or
I foolishly
Package: udev
Version: 0.124-3
Severity: normal
With a separate script for setting up udev (mounting tmpfs and creating device
nodes) then we can avoid granting excessive permissions to the regular init.d
scripts under SE Linux. It also makes it a little easier to understand what
the udev
On Jul 22, Russell Coker [EMAIL PROTECTED] wrote:
With a separate script for setting up udev (mounting tmpfs and creating device
nodes) then we can avoid granting excessive permissions to the regular init.d
scripts under SE Linux.
Exactly, what kind of non-theoretical benefits will this bring?
On Wednesday 23 July 2008 03:32, Marco d'Itri [EMAIL PROTECTED] wrote:
On Jul 22, Russell Coker [EMAIL PROTECTED] wrote:
With a separate script for setting up udev (mounting tmpfs and creating
device nodes) then we can avoid granting excessive permissions to the
regular init.d scripts under
On Jul 23, Russell Coker [EMAIL PROTECTED] wrote:
On Wednesday 23 July 2008 03:32, Marco d'Itri [EMAIL PROTECTED] wrote:
On Jul 22, Russell Coker [EMAIL PROTECTED] wrote:
With a separate script for setting up udev (mounting tmpfs and creating
device nodes) then we can avoid granting
On Wednesday 23 July 2008 08:35, Marco d'Itri [EMAIL PROTECTED] wrote:
SE Linux in a strict configuration will work right now in Lenny with this
change.
Exactly why can't you fix the SELinux policy?
If you define fix to mean make it work with the current udev script then
that would involve
13 matches
Mail list logo