On Tue, 2006-02-07 at 02:18 +0100, Kay Sievers wrote:
The udev event processes, the ones that actually create the device
node
are just clones of the main daemon, they run the same code, the same
memory as the main daemon, they don't exec() anything. So everything that
is available in the main daemon before the event process is forked, will
also be available in the event process itself while it is creating the
node.
That's the reason I was asking, cause it sounds like the current selinux
integration could be optimized. Seems there is no need for any pipe or other
ipc, if selinux is fine with the inherited state from the daemon.
Yes, in that case, performing the matchpathcon_init_prefix call once in
the main daemon would likely be fine.
--
Stephen Smalley
National Security Agency