systemd acceptance, packaging guidelines (was Re: systemd and changes)

[Lennart Poettering]

On Tue, 24.08.10 09:44, Daniel J Walsh (dwalsh at redhat.com) wrote:

> I would add security things.
> 
> Starting a service sends audit messages from the proper loginuid.
> I am sure Steve Grub has lots of concerns here also.

This is not fair!

Upstart never did this. We do this now in systemd, as the first init
system on Linux at all.

Acknowledge this as a new feature. Don't make this a release
requirement.

> Restarting or starting a service ends up transitioning to the proper
> domain (Might be an SELinux domain.) directories, sock_files created by
> systemd end up with the proper context and confined domains see the
> remote socket as the proper label not, init_t.  For example if I setup
> mysql to be autostarted by systemd then when apache connects to the
> /var/run/mysql/socket it sees this socket labeled mysqld_var_run_t and
> the remote end as mysqld_t.

With the latest patches we merged this should in theory all be fixed,
right? Or is there anything still left to do in this area?

Lennart

-- 
Lennart Poettering - Red Hat, Inc.