On Sat, Dec 28, 2013 at 10:47 AM, Michael Scherer <m...@zarb.org> wrote: > So using templated units, we could do for example : > SELinuxContext=staff_u:staff_r:%s_t:s0-s0:c0.c1023
In the spirit of making isolation easy, it would be neat to have a built-in convention for selinux isolation in systemd where the full service/unit name has a default context name, constructed much like the quoted example, that the admin or packager can use simply by turning isolation on (SELinux=true). We would love to use SELinuxContext= or SELinux= for our needs at Pantheon. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel