SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: rfs xattr's, mkinitrd and other stories This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Russell Coker <russell_at_coker.com.au> Date: Thu, 11 Sep 2003 23:18:15 +1000 On Thu, 11 Sep 2003 21:47, Stephen Smalley wrote: > On Wed, 2003-09-10 at 20:48, Russell Coker wrote: > > none /selinux selinuxfs noauto 0 > > 0 > > Why noauto? It needs to be mounted if you are running SELinux, and it > will just fail with a warning if the kernel doesn't have SELinux > enabled. When booting without an initrd I have to mount it before init is run. This means that I have two options, "mount -n" or mounting the root fs rw to allow writing to /etc/mtab and then umounting it again (for a possible fsck). However if the file system is inconsistent then this would be a bad idea, so "mount -n" seems the only option for a non-initrd system. Using "mount -n" means that "mount -a" will try to mount it again if it is set for auto-mount, so "noauto" solves this (as long as there is an explicit mount command). > > A special file system for SE Linux related entries. I can't understand > > why it wasn't just made part of /proc, Steve, perhaps you could explain. > > Misuse of /proc isn't viewed favorably by the kernel developers. The > preferred approach is to create your own pseudo filesystem type. > selinuxfs was based on the nfsd pseudo filesystem in 2.5/6. So instead of having a dozen different sub-directories of /proc we'll have a dozen different file systems to be individually mounted, umounted, and tracked. This does not seem to be a benefit to me. Of course my opinion counts for nothing in this debate even though I'm the one that'll do much of the user-space work of supporting this. :( -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Thu 11 Sep 2003 - 09:18:47 EDT This message: [ Message body ] Next message: joshmccormack_at_travelersdiary.com: "Re: update www.securityenhancedlinux.de" Previous message: carstengrohmann_at_gmx.de: "update www.securityenhancedlinux.de" In reply to: Stephen Smalley: "Re: rfs xattr's, mkinitrd and other stories" Next in thread: Dale Amon: "Re: rfs xattr's, mkinitrd and other stories" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom