From: Stephen Smalley <sds@tycho.nsa.gov>
To: jwcart2@tycho.nsa.gov
Cc: Caleb Case <ccase@tresys.com>,
selinux@tycho.nsa.gov, csellers@tresys.com,
kmacmillan@tresys.com, jbrindle@tresys.com
Subject: Re: [PATCH 03/13] libsemanage: move the module store to /var/lib/selinux
Date: Fri, 08 Jan 2010 10:19:12 -0500 [thread overview]
Message-ID: <1262963952.13162.11.camel@moss-pluto.epoch.ncsc.mil> (raw)
In-Reply-To: <1262962235.11210.25.camel@localhost>
On Fri, 2010-01-08 at 09:50 -0500, James Carter wrote:
> On Fri, 2010-01-08 at 09:28 -0500, Stephen Smalley wrote:
> > On Wed, 2009-12-23 at 18:25 -0500, Caleb Case wrote:
> > > This patch moves the module store from /etc/selinux/<store>/modules to
> > > /var/lib/selinux/<store>.
> >
> > Can the path prefix (i.e. /var/lib/selinux) be made configurable?
> >
> There would be no other prefixes other than /var/lib/selinux
> or /etc/selinux, or do you have something else in mind?
>
> I guess that you are thinking of backwards compatibility, but you still
> won't have it even if you change the prefix because the directory
> structure is different (priority directories and such). I don't see
> what you would gain with changing the prefix.
I just dislike the notion that to change the location one would have to
recompile the library. Even worse, one would have to modify the sources
versus just altering a -D flag in the Makefile specifying the path
prefix. We already have one such case in libsemanage with a FIXME
comment next to it; I didn't want to extend the set of such cases.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2010-01-08 15:19 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-12-23 23:25 [PATCH 00/13] RFC libsemanage move to var, enable/disable module, and priority support Caleb Case
2009-12-23 23:25 ` [PATCH 01/13] libsemanage: fix typo in tests makefile -o -> -O Caleb Case
2009-12-23 23:25 ` [PATCH 02/13] semanage: move permissive module creation to /tmp Caleb Case
2009-12-23 23:25 ` [PATCH 03/13] libsemanage: move the module store to /var/lib/selinux Caleb Case
2009-12-23 23:25 ` [PATCH 04/13] libsemanage: split final files into /var/lib/selinux/tmp Caleb Case
2009-12-23 23:25 ` [PATCH 05/13] libsemanage: update unit tests for move to /var/lib/selinux Caleb Case
2009-12-23 23:25 ` [PATCH 06/13] libsemanage: add default priority to semanage_handle_t Caleb Case
2009-12-23 23:25 ` [PATCH 07/13] libsemanage: augment semanage_module_info_t and provide semanage_module_key_t Caleb Case
2009-12-23 23:25 ` [PATCH 08/13] libsemanage: get/set module info and enabled status Caleb Case
2009-12-23 23:25 ` [PATCH 09/13] libsemanage: provide function to get new base module path Caleb Case
2009-12-23 23:25 ` [PATCH 10/13] libsemanage: installing/upgrading/removing modules via info and key Caleb Case
2009-12-23 23:25 ` [PATCH 11/13] libsemanage: new private api for unstable functions Caleb Case
2009-12-23 23:25 ` [PATCH 12/13] semodule: add priority, enabled, and extended listing Caleb Case
2009-12-23 23:26 ` [PATCH 13/13] semanage store migration script Caleb Case
2010-01-08 15:34 ` Stephen Smalley
2010-01-08 20:59 ` James Carter
2010-01-08 21:05 ` Stephen Smalley
2010-01-08 21:27 ` Caleb Case
2010-01-11 19:53 ` James Carter
2010-01-11 19:57 ` Joshua Brindle
2010-01-11 20:45 ` James Carter
2010-01-08 14:30 ` [PATCH 04/13] libsemanage: split final files into /var/lib/selinux/tmp Stephen Smalley
2010-01-08 15:07 ` James Carter
2010-01-08 15:28 ` Stephen Smalley
2010-01-08 18:25 ` Caleb Case
2010-01-08 20:19 ` Joshua Brindle
2010-01-08 20:25 ` Stephen Smalley
2010-01-08 20:30 ` Joshua Brindle
2010-01-08 20:51 ` Joshua Brindle
2010-01-08 20:58 ` Stephen Smalley
2010-01-08 21:02 ` Joshua Brindle
2010-01-08 21:04 ` Stephen Smalley
2010-01-08 21:12 ` James Carter
2010-01-08 14:28 ` [PATCH 03/13] libsemanage: move the module store to /var/lib/selinux Stephen Smalley
2010-01-08 14:50 ` James Carter
2010-01-08 15:19 ` Stephen Smalley [this message]
2010-01-07 22:28 ` [PATCH 00/13] RFC libsemanage move to var, enable/disable module, and priority support Chad Sellers
2010-01-08 14:30 ` James Carter
2010-01-21 21:06 ` Chad Sellers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1262963952.13162.11.camel@moss-pluto.epoch.ncsc.mil \
--to=sds@tycho.nsa.gov \
--cc=ccase@tresys.com \
--cc=csellers@tresys.com \
--cc=jbrindle@tresys.com \
--cc=jwcart2@tycho.nsa.gov \
--cc=kmacmillan@tresys.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.