[HEADS-UP] Moving /var/run and /var/lock to tmpfs in Rawhide
mzerqung at 0pointer.de
Tue Nov 23 21:26:39 UTC 2010
On Tue, 23.11.10 21:19, Paul Howarth (paul at city-fan.org) wrote:
> On Tue, 23 Nov 2010 21:48:30 +0100
> Lennart Poettering <mzerqung at 0pointer.de> wrote:
> > - In some cases daemons might want to create more than one file/dir
> > below /var/run which are supposed to be labelled differently. In
> > this case the daemon can either be modified to fix its labels up
> > itself, or a drop-in file in /etc/tmpfiles.d/ might help (see below).
> Given that the tmpfiles.d format doesn't mention SELinux contexts, I
> assume that the files/directories will be set up to have whatever their
> default context would be under the running policy, as restorecon would
> set it?
Yes, SELinux contexts are exclusively configured in the policy, we do
not spread that around in other ocnfiguration files.
The tmpfiles stuff includes an implicit restorecon, basically.
Lennart Poettering - Red Hat, Inc.
More information about the devel