On 01/05/16 at 21:01, Yuri D'Elia wrote:
On Sun, May 01 2016, Laurent Bigonville <bi...@debian.org> wrote:
It's only doing this if /proc is not mounted, something that should
happen at early boot.
libselinux needs to determine the status of selinux on the machine. This is
done by reading files under /proc.
libselinux should assume selinux is disabled if there's no proc, and
just do nothing.
Why can't the safe default be followed here?
Can't "ls" just do its work without policy until /proc is ready?
This is going to attempt mounting /proc in containers and generally mess
with event-based system initialization in unexpected ways.
I personally experienced this while setting up a testing environment
where selinux is _disabled_ and it took me a while to track down why /proc
was getting mounted over and over again.
What are the symptoms you are seeing exactly? What is broken?
Isn't /proc needed for almost anything these days anyway?
If you want to change that, see with upstream.
Do I really have to?
This seems like a *very bad* idea in the first place.
I'm not planning to carry a patch in the debian package for that.
Funny thing: unmount will now mount /proc.
Maybe I need to file a bug report against mount.
I don't think it's needed, mount is not responsible for this.
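
The "assume disabled when /proc is absent" behaviour requested in the thread, as an added C example; it is not libselinux code or code from either participant. The function names are hypothetical, and looking for selinuxfs in /proc/filesystems is an assumed stand-in for the status check, which the thread describes only as reading files under /proc.

```c
#include <stdio.h>
#include <string.h>
#include <sys/vfs.h>

#define PROC_MAGIC 0x9fa0L /* value of PROC_SUPER_MAGIC in <linux/magic.h> */

/* 1 if `dir` is a mounted procfs, 0 otherwise (missing, or another fs). */
static int is_procfs(const char *dir)
{
    struct statfs sfs;
    if (statfs(dir, &sfs) != 0)
        return 0;
    return (long)sfs.f_type == PROC_MAGIC;
}

/* 1 if the filesystem list at `path` (format of /proc/filesystems:
 * optional "nodev", a tab, then the type name) names selinuxfs. */
static int lists_selinuxfs(const char *path)
{
    char line[256];
    int found = 0;
    FILE *fp = fopen(path, "r");
    if (!fp)
        return 0;
    while (!found && fgets(line, sizeof line, fp)) {
        char *name = strrchr(line, '\t');
        name = name ? name + 1 : line;
        name[strcspn(name, "\n")] = '\0';
        found = strcmp(name, "selinuxfs") == 0;
    }
    fclose(fp);
    return found;
}

/* Hypothetical probe: read-only, never mounts; no procfs means "disabled". */
static int selinux_supported(const char *proc_dir)
{
    char path[4096];
    if (!is_procfs(proc_dir))
        return 0;
    snprintf(path, sizeof path, "%s/filesystems", proc_dir);
    return lists_selinuxfs(path);
}

int main(void)
{
    printf("selinuxfs available: %d\n", selinux_supported("/proc"));
    return 0;
}
```

A result of 1 only means the kernel lists selinuxfs; it does not show that a policy is loaded or enforcing.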