[Fedora-livecd-list] selinux on livecds

Jane Dogalt jdogalt at yahoo.com
Mon Mar 27 19:05:10 UTC 2006


--- Jeremy Katz <katzj at redhat.com> wrote:

> The problem is that the various compressed filesystems don't actually
> support xattrs which is required for setting up the SELinux file
> contexts.

If I were intent on using SELinux, I would ask this question-

once you get kadischi to have a specifiable read-only filesystem type (i.e.
zisofs or squashfs or ...), would there be any problem with doing a (possibly
clooped) ext2(/3) fs as an option.

Definately it'd be less efficient spacewise than squashfs, but it shouldn't
really be too hard to add that as an option, which sounds like it might enable
SELinux.

Though how about tmpfs?  Does it support xattrs?  Currently kad uses
bind-mounting and read-only root for a mix of tmpfs+zisofs.  So if you switch
zisofs to cloop-ext2, you still have the tmpfs part.

I wonder how selinux would cope with tmpfs+cloop_ext2+relayfs (or relayfs in
general).

time and experiment will tell I suppose.

-jdog


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the livecd mailing list