SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [PATCH] [STABLE] Makefile change to disable restorecond This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Joshua Brindle <method_at_manicmethod.com> Date: Wed, 12 Dec 2007 11:02:01 -0500 Stephen Smalley wrote: > On Wed, 2007-12-12 at 10:09 -0500, Joshua Brindle wrote: > >> Stephen Smalley wrote: >> >>> On Tue, 2007-12-11 at 15:13 -0500, Joshua Brindle wrote: >>> >>> >>>> Joshua Brindle wrote: >>>> >>>> >>>>> This patch is necessary to build stable on RHEL4. CLIP uses the >>>>> current stable toolchain and supports RHEL4 as a target so we are >>>>> trying to upstream any magic that is necessary to build on that platform. >>>>> >>>>> >>>>> >>>> Ignore last patch, this one is actually against stable :) >>>> >>>> >>> What about just checking for the presence of /usr/include/sys/inotify.h >>> and disabling restorecond in its absence, similar to handling of PAMH >>> and AUDITH in newrole's Makefile? Then that could go into trunk too. >>> >>> >> The next problem is that libselinux won't build on RHEL4 without >> building the .lo files with --ftls-model=initial-exec. Do you have an >> opinion on how to switch this on/off for building there? >> > > We already have a TLSFLAGS definition for the .o files, so I suppose we > could have two definitions, one for the .o files and one for the .lo > files, and put them in the Makefile, and then you'd just build with make > SHARED_TLSFLAGS="-ftlsmodel=initial-exec" or whatever for RHEL4. > > Or the other alternative would be to make the use of TLS completely a > build-time option, which would help for distributions where it isn't > supported at all. That shouldn't be too difficult; Manoj posted a patch > he was using for Debian a long time ago. > Ok, I see http://marc.info/?l=selinux&m=115807948020898&w=2 This makes TLS unnecessary at all though, right? I have no problem with this as TLS makes me fairly uneasy anyway. Are you comfortable with Manoj's patch? I didn't see any discussion of it at all on list after he sent it.. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Wed 12 Dec 2007 - 11:02:37 EST This message: [ Message body ] Next message: Stephen Smalley: "Re: [PATCH] [STABLE] Makefile change to disable restorecond" Previous message: Christopher J. PeBenito: "Re: Some file context for kernel and systems directory." In reply to: Stephen Smalley: "Re: [PATCH] [STABLE] Makefile change to disable restorecond" Next in thread: Stephen Smalley: "Re: [PATCH] [STABLE] Makefile change to disable restorecond" Reply: Stephen Smalley: "Re: [PATCH] [STABLE] Makefile change to disable restorecond" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom