On Mon, 23 May 2005 18:14:22 BST, Luke Kenneth Casson Leighton said: > there _is_ no "start" option or "stop" option to the service > startup scripts. if the script dies, the service is assumed to have > died: the signal is caught by depinit (all signals are caught by > depinit) and an "action" script e.g. /etc/depinit/sig_chld is called. > > if you _want_ the service to stop, you get depinit to automatically > send increasingly aggressive levels of signals to the "service" script. > > there _is_ no stupid numbering schemes - not the stupid symlinks, and > not the stupid runlevels. This is actually irrelevant (mostly) as far as SELinux is concerned.. > everything is _named_. properly. Again, mostly irrelevant.. > the present policy - init.te, initrc.te - is therefore going > to be mostly irrelevant. Actually *looking* at the .te's shows that *most* of it will, in fact, still be applicable for *any* init-replacment. The *important* part is that the policy address things like "can the init-process access these resources?" and "can the init-process launch the MTA process and have that transition to the proper domain?" (domain-auto-trans does a *lot* of the heavy lifting here - for instance, domains/program/mta.te contains: domain_auto_trans(initrc_t, sendmail_exec_t, sendmail_t) So as long as your depinit starts off in something that can get to initrc_t, the kernel doesn't *CARE*. I if an initrc_t fork/exec a sendmail_exec_t, and it transitions to the needed domain. Hell, I suspect that if you just put a: /sbin/depinit -- system_u:object_r:initrc_exec_t in file_contexts, 98% of it will Just Work.
Attachment:
pgpQx9PrpifMY.pgp
Description: PGP signature