Hi,
I tried to use selinux with systemd, but without much success. Looks
like the whole transitioning is broken. (Most daemons are stuck in the
init_t domain) What I don't understand is, while more and more disros
switching to systemd, it seems like there is still no working selinux
policy with systemd support. So how do other distros support selinux?
While I'm tying to figure this selinux thingy out, a few questions came
to mind:
Most packages with the selinux use flag are just pulling their reference
policy module as a dependency. Wouldn't it be better to use the seinux
flag only for packages which are linked against libselinux and use
instead a SELINUX_MODULES variable in the make.conf file (similar to
APACHE2_MODULES)?
The tresys reference policy uses the distro_gentoo directive, but AFAIK
it only affects openrc stuff. So shouldn't it be renamed to init_openrc?
Best regards,
Simon
I tried to use selinux with systemd, but without much success. Looks
like the whole transitioning is broken. (Most daemons are stuck in the
init_t domain) What I don't understand is, while more and more disros
switching to systemd, it seems like there is still no working selinux
policy with systemd support. So how do other distros support selinux?
While I'm tying to figure this selinux thingy out, a few questions came
to mind:
Most packages with the selinux use flag are just pulling their reference
policy module as a dependency. Wouldn't it be better to use the seinux
flag only for packages which are linked against libselinux and use
instead a SELINUX_MODULES variable in the make.conf file (similar to
APACHE2_MODULES)?
The tresys reference policy uses the distro_gentoo directive, but AFAIK
it only affects openrc stuff. So shouldn't it be renamed to init_openrc?
Best regards,
Simon