[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
From: |
Pádraig Brady |
Subject: |
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context |
Date: |
Mon, 01 Jul 2013 16:13:40 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 |
On 07/01/2013 03:44 PM, Bernhard Voelker wrote:
> On 07/01/2013 03:36 PM, Pádraig Brady wrote:
>> On 06/26/2013 09:48 AM, Jarkko Sakkinen wrote:
>>> Enable creation of SMACK security context with -Z command-line switch
>>> if SMACK is enabled.
>
> Do we have a chance to have tests for all the new SMACK code?
>
> I do not know much about SMACK and SELinux, but can both be
> active at the same time? If so, the behavior probably has changed
> (in ls(1) at least) because the code always tests for SMACK first.
I asked Jarkko about that and he said:
"Well, actually you couldn't have SELinux and SMACK active in the
kernel at the same time. Kernel can only have one LSM enabled at
a time (and you cannot switch or disable LSM). So this essentially
detects, which one is enabled in the kernel."
The point about tests is valid, though I didn't think
that important since the selinux and smack code is so similar.
Jarkko I'd accept a patch with tests in smack.sh based
on tests/mkdir/selinux.sh (which calls require_smack_enforcing_).
thanks,
Pádraig.
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Pádraig Brady, 2013/07/01
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Bernhard Voelker, 2013/07/01
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context,
Pádraig Brady <=
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Jarkko Sakkinen, 2013/07/01
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Pádraig Brady, 2013/07/01
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Bernhard Voelker, 2013/07/02
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Pádraig Brady, 2013/07/02
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Bernhard Voelker, 2013/07/02
- Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context, Jarkko Sakkinen, 2013/07/31
- Prev by Date:
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Next by Date:
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Previous by thread:
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Next by thread:
Re: [PATCH] mk{dir, fifo, nod}: with -Z, create SMACK security context
- Index(es):