Le jeudi 06 février 2014 à 12:21 -0800, David Timothy Strauss a écrit : > In order to maximize consistency with newly committed options in > systemd-nspawn, would it make sense to allow independent configuration > of the process and file labels instead?
The file label are decided by selinux policy based on the path and/or process domain, from what I seen. In the case of systemd-nspawn, it is done by using a specific option of mount, and only for tmpfs/devpts. So I am not sure if this can be done, and i fail to see a usecase for that ( except having container described in .service, which could be nice but maybe too much ) -- Michael Scherer _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
