On Thu, May 12, 2011 at 07:14:29AM +0900, Tetsuo Handa wrote: > Mimi Zohar wrote: > > Just clarifying for the record that securityfs has typically been > > mounted as /sys/kernel/security, not directly as /sys/security. So it > > would be /sys/kernel/security/selinux that you're discussing. > > Mounting securityfs on /sys/kernel/security/ is a bit tricky. > /sys/ likely exists in all distros using 2.6 kernels.
It is almost guaranteed, I know of no Linux systems that do not mount sysfs, do you? > However, openSuSE has /sys/kernel/debug/ directory on the / partition (i.e. > /sys/kernel/ exists even if sysfs is not yet mounted). Userland tools that > assume that sysfs is already mounted on /sys/ if /sys/kernel/ exists will > fail. That's a bug in openSUSE, please file it and it will be fixed. Userspace should always be able to assume that sysfs is mounted on /sys/ now. > Also, userland tools have to mount /sys/ on sysfs if it is not yet mounted > (e.g. as of /sbin/init starts) before mounting securityfs on > /sys/kernel/security/ . That's what the distro startup logic is for. Remember, this whole thread started on the systemd mailing list talking about this very logic :) > Also userland tools which was executed as of /sbin/init > starts have to unmount /sys/ and /sys/kernel/security/ before continuing boot > procedure, or some distributions fails to boot at mounting /sys/ (which is > listed on /etc/fstab) if /sys/ was already mounted. I don't understand. > Personally, /proc/security/$modulename/ would reduce dependency and make > things simpler. No, sorry, no more proc files please. /sys should always be there just like /proc should be. thanks, greg k-h _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
