RE: file contexts and modularity

["Karl MacMillan" <kmacmillan@xxxxxxxxxx>]

> -----Original Message-----
> From: Ivan Gyurdiev [mailto:ivg2@xxxxxxxxxxx]
> Sent: Monday, June 27, 2005 1:56 PM
> To: Karl MacMillan
> Cc: selinux@xxxxxxxxxxxxx; 'Daniel J Walsh'
> Subject: RE: file contexts and modularity
> 
> 
> > I more concerned about the other questions - how would a user switch
> policies
> > with this scheme?
> 
> Does switching policies require changing the file contexts?
> I typically use strict policy, so I'm not sure...
> I suppose this file could be re-generated?
> 

Yes - the two policies could potentially have no types in common.

> > How would network home directories work?
> 
> The same way they work right now?
> I didn't realize network home dirs support xattr..
> 

They don't, but they will. And they don't really work right now.

Karl

> >  Tying the creation of
> > the labeling information to calling adduser seems fragile.
> 
> Perhaps...

---
Karl MacMillan
Tresys Technology
http://www.tresys.com
(410) 290-1411 ext 134



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.