On Tue, 11.11.14 00:43, WaLyong Cho (walyong....@samsung.com) wrote: > On 11/10/2014 10:26 PM, Lennart Poettering wrote: > > On Fri, 07.11.14 10:03, Casey Schaufler (ca...@schaufler-ca.com) wrote: > > > >> Calling it SmackLabel= instead of SmackLabelExec= would be fine as > >> far as I'm concerned. SmackLabel= is more consistent with SELinuxContext= > >> and AppArmorProfile=, as you point out. > > > > OK! > > > > WaLyong, let's name it SmackLabel= then! > > I think I had made you to bother. Excuse me, but I'm asking you again. > And I think introducing new config should be careful. > > Hmm, I'm still confusing. We're already using SmackLabel= as socket > config item. Yeah, it can possible as both exec/socket config. But each > purposes are different. > In socket config, this config is used to set SMACK64 of socket file. > In exec config, this config is used to set child systemd attribute when > User= config is given. > And does we have to explain each man page? Or drop from socket package > and move that to exec page?
> I'm not sure it make sense. Hmm, OK, so you might actually have a point. And this is because .socket units may carry ExecStartPre= command lines which are execute before we start listening to a socket. If we'd just have SmackLabel= then it would not be clear whether it applies as file system label to the socket fds, or if it applies as process label to the ExecStartPre= processes. Hmm, I guess I am fine with SmackLabelExec= then! Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel