On Tuesday 29 August 2006 11:29, Rosalie Hiebel wrote:
> Are there plans to implement xinetd support for labeled networking
> for all services (and not just external tcp nowait)?

No. It cannot be done in some cases.

For udp services the label travels with the packet. So, xinetd would have to read the datagram to get this information. This behavior would not follow what it does for non-labeled networking code, so it would probably break things.

For tcp-wait services, xinetd does not call accept. Therefore it cannot get at any information for the connection. The application will have to do this and call execcon.

For internal services, they are all troubleshooting or can be replaced by an external shell script that does the same thing with minimal effort (echo, discard, date, etc). The problem here is that not all internal services fork - which means that xinetd itself would be calling execcon. I don't think we want that either.

-Steve

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
