> -----Original Message----- > From: Lennart Poettering [mailto:lenn...@poettering.net] > Sent: Wednesday, February 19, 2014 7:08 AM > To: Zbigniew Jędrzejewski-Szmek > Cc: Łukasz Stelmach; Casey Schaufler; Schaufler, Casey; systemd- > de...@lists.freedesktop.org > Subject: Re: [systemd-devel] [PATCH v2 1/2] Smack - relabel directories and > files created by systemd > > On Wed, 19.02.14 16:05, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) > wrote: > > > > > On Wed, Feb 19, 2014 at 03:44:32PM +0100, Łukasz Stelmach wrote: > > > How to have support for more than one security fw reasonably > > > compiled in? (I think this is the moment to create the pattern). > > Why not? It would be rather constraining for a distribution which > > wants to support more than one. systemd should just perform the steps > > necessary for all compiled frameworks compiled in, silently ignoring > > failures coming from missing frameworks. > > Yes, I agree fully with Zbigniew. A distribution like Debian is likely to > enable > support for AppArmor, SMACK and SELinux in systemd, all at the same time. > That doesn't mean that all three will be active together during runtime, as > the > kernel doesn't support that,
Yet. There is work in progress to enable multiple concurrent security modules. At the current pace of development 2015 is the best guess for landing. > however the binary we build should support all > three, and what is used is decided at runtime at the discretion of the admin. > > Lennart > > -- > Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel