F22 System Wide Change: Enable Polyinstantiated /tmp and /var/tmp directories by default
Tom Hughes
tom at compton.nu
Tue Jan 20 12:29:48 UTC 2015
On 20/01/15 12:16, Tomas Hozza wrote:
> On 01/20/2015 01:08 PM, Tom Hughes wrote:
>> On 20/01/15 11:53, Jaroslav Reznik wrote:
>>
>>> * Other developers:
>>> ** Add /tmp-inst and /var/tmp/tmp-inst to filesystem. (packagename: filesystem)
>>> ** Enable namespaces in /etc/security/namespace.conf (packagename: PAM)
>>> ** Enable proper selinux context and polyinstantiation_enabled boolean to be
>>> set (packagename: selinux-policy-targeted or selinux-policy)
>>
>> So this effectively reverses tmp-on-tmpfs for users other than root and adm
>> right? Because /tmp will actually be a subdirectory of /tmp-inst which will be a
>> real directory?
>>
> Why do you think this? I don't see any reason why the new tmp-inst directories can
> not be on tmpfs...
I guess that will work as well, but it wasn't clear that was the
intention since it talked of adding them to the filesystem package.
I suppose technically the directories still exist in filesystem but
currently it is systemd that then overmounts them with tmpfs instances.
Tom
--
Tom Hughes (tom at compton.nu)
http://compton.nu/
More information about the devel
mailing list