systemd: please stop trying to take over the world :)
Daniel J Walsh
dwalsh at redhat.com
Wed Jun 15 15:12:35 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 06/15/2011 11:03 AM, Miloslav Trma? wrote:
> On Wed, Jun 15, 2011 at 4:44 PM, Stephen Smalley <sds at tycho.nsa.gov> wrote:
>> Ways to improve the situation for systemd would include:
>> - Only load a subset of file_contexts entries, similar to udev.
>> - Only load the file contexts entries temporarily, using selabel_open +
>> selabel_close to bracket entire blocks where files are created or
>> relabeled.
> - At policy build time, precompute a DFA for all of the regexps, and
> store it in a file. This file could be mmap()ed into any user of the
> policy, requiring no malloc(), and allowing the kernel to free the
> memory when it is no longer used; this should also make loading of the
> file_contexts configuration faster.
> Mirek
I was wondering if this was possible. Any example of how to do it?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk34y+MACgkQrlYvE4MpobNqQgCgyXPAzaA15Cjsaq7BmZoy+5s5
kRYAn3hf6N4QbNFaPyszp4L6i7vHhlSR
=/ZtQ
-----END PGP SIGNATURE-----
More information about the devel
mailing list