[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [RFC] change policy loading to initramfs

From: Chuck Anderson <cra WPI EDU>
To: fedora-selinux-list redhat com
Subject: Re: [RFC] change policy loading to initramfs
Date: Thu, 24 Jan 2008 18:31:42 -0500

On Thu, Jan 24, 2008 at 04:31:49PM -0500, Bill Nottingham wrote:
> --- mkinitrd-6.0.28/mkinitrd.foo	2008-01-23 17:09:26.000000000 -0500
> +++ mkinitrd-6.0.28/mkinitrd	2008-01-23 17:10:23.000000000 -0500
> @@ -1692,6 +1692,13 @@ if [ -n "$dhclient_leases_cmd" ]; then
>      emit "$dhclient_leases_cmd"
>  fi
>  
> +SELINUX=
> +[ -f /etc/selinux/config ] && . /etc/selinux/config
> +if [ -n "$SELINUX" -a "$SELINUX" != "disabled" ]; then
> +    emit "echo Loading SELinux policy."
> +    emit "loadpolicy"
> +fi
> +
>  emit "echo Switching to new root and running init."
>  emit "switchroot"
>  emit "echo Booting has failed."

Shouldn't you always add loadpolicy to the initrd?  The SELinux config 
might change between when the initrd was generated and when you boot 
the system.

References:
- [RFC] change policy loading to initramfs
  - From: Bill Nottingham
- Re: [RFC] change policy loading to initramfs
  - From: Bill Nottingham
- Re: [RFC] change policy loading to initramfs
  - From: Bill Nottingham

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]