From: dominick.grift@gmail.com (Dominick Grift) Date: Wed, 11 Dec 2013 11:31:12 +0100 Subject: [refpolicy] RFC: direct_init_entry breaks direct_initrc In-Reply-To: <20131211095203.GA6201@siphos.be> References: <20131211083339.GA5997@siphos.be> <1386752197.18689.88.camel@d30> <20131211095203.GA6201@siphos.be> Message-ID: <1386757872.18689.96.camel@d30> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Wed, 2013-12-11 at 10:52 +0100, Sven Vermeulen wrote: > > It's a bit harder to verify init related stuff now though because > > gentoo, debian and fedora each use a different init systems now > > Indeed. I wouldn't mind splitting the init code into their respective > domains, although that will be a "hell of a job", while there are still > important shared aspects to it. Looking at Fedoras' solution i now think that this probably will not be optimal although i cannot think of any really convincing arguments to back up my statement, other then that it is probably a bit too late for that now, and that it is probably not as efficient. We can make the systemd specific policy conditional, and if we do that consistent then that should probably be okay Thanks