Sat, Feb 9, 2008 at 3:36 AM, John Ogness <[EMAIL PROTECTED]> wrote: > On 2008-02-08, Alon Bar-Lev <[EMAIL PROTECTED]> wrote: >>> The current release of Dazuko uses LSM to intercept file access >>> events. As of 2.6.24, LSM modules may no longer be kernel >>> modules. They _must_ be statically compiled into the kernel. >> >> This may impose a serious problem with distributions... I don't know >> if I will be able to push this into Gentoo users this way, and >> Gentoo are one of the easiest with regards to patching. > > Yes, it may cause problems for distributions. I am considering adding > a kernel parameter so that Dazuko can be dynamically activated at boot > (like SElinux). Then distributions would be able to include the patch, > but leave Dazuko disabled. Users could then easily enable it with > somthing like "dazuko=1" as a boot parameter. > > The only alternative is to avoid LSM.
FYI... As for Novell/SuSE, I suspect that the work done by upstream to make LSM static-link only will most likely be reverted for SLED/SLES 11. Meaning that LSM may continue to be a viable alternative for some time. -Adam _______________________________________________ Dazuko-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/dazuko-devel
