[RFC] change policy loading to initramfs
Daniel J Walsh
dwalsh at redhat.com
Thu Jan 24 17:22:16 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bill Nottingham wrote:
> Stephen Smalley (sds at tycho.nsa.gov) said:
>> Hmm...Chad Sellers was working on similar support for Ubuntu, but did it
>> by adding a -i option to the load_policy program to perform an initial
>> policy load so that you can just execute it from a script rather than
>> requiring a direct patch to nash or anything else. cc'ing him. The
>> load_policy -i support is upstream and should be in Fedora devel /
>> rawhide too.
>
> This would still need to be done chroot()ed into the system (there's no
> way to set the base path for filename resoution), correct?
>
> Bill
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
You would still want to read the /etc/selinux/config file to figure out
which policy to load.
chroot PATH load_policy -i
should work.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkeYyUgACgkQrlYvE4MpobMkGwCfd1bU2WGZnxwWc1FpTzu5if9v
+NQAoMhIyXI+INgRUc+l8F5CoIJz2TbA
=R9oH
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list