All of lore.kernel.org
 help / color / mirror / Atom feed
From: Stephen Smalley <sds@epoch.ncsc.mil>
To: Russell Coker <russell@coker.com.au>
Cc: SE Linux <selinux@tycho.nsa.gov>
Subject: Re: init patch for loading policy
Date: 21 Oct 2003 08:29:26 -0400	[thread overview]
Message-ID: <1066739366.27065.39.camel@moss-spartans.epoch.ncsc.mil> (raw)
In-Reply-To: <200310211052.28494.russell@coker.com.au>

On Mon, 2003-10-20 at 20:52, Russell Coker wrote:
> Firstly we would need to test that init will actually respond correctly to 
> "telinit u" while it's in that stage.  This is something I am concerned 
> about, particularly regarding race conditions regarding the completion of 
> rc.sysinit (although I guess it's unlikely that rc.sysinit will complete 
> before init restarts).

Note that I subsequently suggested (in a reply to Dan on the list) using
a separate sysinit entry with its own script for performing the initial
policy load and restarting init, followed by the ordinary sysinit entry
(or alternately, a bootwait entry if you can't ensure ordering among
multiple sysinit entries) that executes rc.sysinit.

This might not work, but I thought it would be worth testing, as it
avoids any patching or redirection of /sbin/init, and only involves an
alteration to /etc/inittab and an additional init script.  I agree that
even if it did work experimentally, you would want to examine the init
code to verify that it is safe in general.

> Then there's the issue that rc.sysinit has to get the correct context, so we 
> probably need domain_auto_trans(kernel_t, initrc_exec_t, initrc_t).

Not necessary with the above approach, as the first sysinit entry should
run in kernel_t and the second entry will automatically be placed into
initrc_t because init will have switched into its domain.

> OK.  I'll write a new version of the patch to address these issues.

Again, I don't think you want to directly patch this into /sbin/init.  
You are executing shell commands, mounting filesystems, etc; do it in a
shell script either by redirecting /sbin/init or by patching /sbin/init
to run an initialization script prior to doing anything else.  Think
about maintenance and also about getting this change upstream; there is
a significant difference between a patch that just adds code to execute
a separate script that can be customized vs. a patch that hardcodes this
particular set of logic into init.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

  reply	other threads:[~2003-10-21 12:29 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-10-19 15:48 init patch for loading policy Russell Coker
2003-10-20  8:21 ` Carsten Grohmann
2003-10-20 18:02 ` Stephen Smalley
2003-10-20 20:10   ` Daniel J Walsh
2003-10-20 20:46     ` Stephen Smalley
2003-10-20 20:56       ` Daniel J Walsh
2003-10-21 12:19         ` Stephen Smalley
2003-10-21  0:52   ` Russell Coker
2003-10-21 12:29     ` Stephen Smalley [this message]
2003-10-21 14:43       ` Russell Coker
2003-10-21 14:59         ` Stephen Smalley
2003-10-21 16:00           ` Russell Coker
2003-10-21 18:38             ` Daniel J Walsh
2003-10-21 20:14             ` Bastian Blank
2003-10-21 17:50           ` Daniel J Walsh
2003-10-22 22:31             ` Joubert Berger
2003-10-23  1:42               ` Russell Coker
2003-10-21 18:07           ` Daniel J Walsh
2003-10-21 18:54             ` Stephen Smalley
2003-10-21 19:56               ` Stephen Smalley
2003-10-21 12:32     ` Stephen Smalley
2003-10-21 13:56       ` Russell Coker
2003-10-20 20:47 ` Bastian Blank
2003-10-21  0:57   ` Russell Coker
2003-10-21  6:26     ` Bastian Blank

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1066739366.27065.39.camel@moss-spartans.epoch.ncsc.mil \
    --to=sds@epoch.ncsc.mil \
    --cc=russell@coker.com.au \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.