[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [kay.sievers@vrfy.org]



On Tue, 2006-02-07 at 02:18 +0100, Kay Sievers wrote:
> The udev event processes, the ones that actually create the device node
> are just clones of the main daemon, they run the same code, the same
> memory as the main daemon, they don't exec() anything. So everything that
> is available in the main daemon before the event process is forked, will
> also be available in the event process itself while it is creating the
> node.
> 
> That's the reason I was asking, cause it sounds like the current selinux
> integration could be optimized. Seems there is no need for any pipe or other
> ipc, if selinux is fine with the inherited state from the daemon.

Yes, in that case, performing the matchpathcon_init_prefix call once in
the main daemon would likely be fine.  

-- 
Stephen Smalley
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]