On Mon, 04 Apr 2011 20:59:58 +0200 Alexander Boström wrote: > > If on the other hand / stays read-only for the whole duration of > > working with SELinux disabled, then no contexts will be harmed and > > relabeling will not be necessary. > > If / is ro but /var is rw then a relabel is still useful, right? > > And /var is more likely to be mounted rw than / is, so it would make > sense to store this flag somewhere in /var. > > Or even better, in each filesystem. (An xattr on the root inode?)
hehe, I was rethinking this today and came to the same conclusion :-) i.e. that it really ought to be per-filesystem. I didn't think of using xattrs for this though. It's an interesting idea. I was thinking about adding a field to the fs superblock, but that would require kernel changes in several filesystems. xattr is easier. Michal _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
