| 1 |
Hi, |
| 2 |
I tried to use selinux with systemd, but without much success. Looks |
| 3 |
like the whole transitioning is broken. (Most daemons are stuck in the |
| 4 |
init_t domain) What I don't understand is, while more and more disros |
| 5 |
switching to systemd, it seems like there is still no working selinux |
| 6 |
policy with systemd support. So how do other distros support selinux? |
| 7 |
|
| 8 |
While I'm tying to figure this selinux thingy out, a few questions came |
| 9 |
to mind: |
| 10 |
Most packages with the selinux use flag are just pulling their reference |
| 11 |
policy module as a dependency. Wouldn't it be better to use the seinux |
| 12 |
flag only for packages which are linked against libselinux and use |
| 13 |
instead a SELINUX_MODULES variable in the make.conf file (similar to |
| 14 |
APACHE2_MODULES)? |
| 15 |
|
| 16 |
The tresys reference policy uses the distro_gentoo directive, but AFAIK |
| 17 |
it only affects openrc stuff. So shouldn't it be renamed to init_openrc? |
| 18 |
|
| 19 |
Best regards, |
| 20 |
Simon |
Archives