[HEADS-UP] Moving /var/run and /var/lock to tmpfs in Rawhide

Lennart Poettering mzerqung at 0pointer.de
Tue Nov 23 21:26:39 UTC 2010


On Tue, 23.11.10 21:19, Paul Howarth (paul at city-fan.org) wrote:

> 
> On Tue, 23 Nov 2010 21:48:30 +0100
> Lennart Poettering <mzerqung at 0pointer.de> wrote:
> > - In some cases daemons might want to create more than one file/dir
> >   below /var/run which are supposed to be labelled differently. In
> > this case the daemon can either be modified to fix its labels up
> > itself, or a drop-in file in /etc/tmpfiles.d/ might help (see below).
> 
> Given that the tmpfiles.d format doesn't mention SELinux contexts, I
> assume that the files/directories will be set up to have whatever their
> default context would be under the running policy, as restorecon would
> set it?

Yes, SELinux contexts are exclusively configured in the policy, we do
not spread that around in other ocnfiguration files.

The tmpfiles stuff includes an implicit restorecon, basically.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


More information about the devel mailing list