Hi, The number of complaints about using Dazuko with LSM for Linux 2.6 are continually increasing. This is mainly a problem because many Linux distributions compile Capabilities into the kernel (and Capabilities does not support stacking).
Technically there is not a problem with hooking the system call table under Linux 2.6. But this is frowned upon by the Linux kernel community, which is why Dazuko uses LSM for Linux 2.6 instead. The best solution would be to use DazukoFS, but this will not be available for another year. So here are a set of questions that I would like some feedback on: Should Dazuko switch back to hooking the system call table for Linux 2.6 until DazukoFS is ready? Should it be an option which method of hooking is used? Should LSM be a fallback in case system call hooking doesn't work (or vice versa)? Our final decision will not have any affect on the 2.1.0 release. I am not willing to delay the 2.1.0 release in order to add system call hooking. John Ogness -- Dazuko Maintainer _______________________________________________ Dazuko-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/dazuko-devel
