-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/30/2012 08:27 PM, Lennart Poettering wrote:
> On Wed, 30.05.12 23:32, Lennart Poettering (lenn...@poettering.net) wrote:
>
>>
>> On Wed, 30.05.12 16:13, Daniel J Walsh (dwa...@redhat.com) wrote:
>>
>>> + const char *prefixes[] = { "/dev", "/var/run", NULL };
>>
>> Is there a reason this mentions /var/run and not /run?
>>
>> Otherwise looks good to me!
>
> I have now commited the patch but took the liberty to change /var/run to
> /run here.
>
> Lennart
>
Yes it has to be /var/run. The policy is all written with the upstream
/var/run patterns not /run.
# matchpathcon -p /run /run/udev
/run/udev system_u:object_r:default_t:s0
# matchpathcon -p /var/run /run/udev
/run/udev system_u:object_r:udev_var_run_t:s0
We have equivalence match between /run -> /var/run
But the library for loading initial context does not take this into account.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk/HTecACgkQrlYvE4MpobOdIACfWWj1t8wczo9k2iBgill6J8vz
JHUAni/pvi3LsI/d/KXrfb+tJUa0itzH
=Ko7F
-----END PGP SIGNATURE-----
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
