I'd like to ask for some help. I'm trying to test selinux, but selinux won't work with devfs, so I've decided to finally get rid of it and replace it with udev. However, that's rather difficult to do.
First, why does the udev startup script declare its own udev_root and not respect /etc/udev/udev.conf? Why are the nvidia devices not part of the udev startup script (since they're widely used, and not yet in sysfs)?
Secondly, I tried creating static /dev/console and /dev/null so that I can even get to the udev script - I placed it at the beginning after proc and sys are mounted. However, the root filesystem at this point is read-only, and the udev script doesn't create the nodes. I could make it run on ramfs, but then how could I make static /dev/console and /dev/null? ... and how could I use the selinux policy over ramfs - that's why I'm getting rid of devfs in the first place.
Why does the udev stop script proceed to remove my static /dev/console and /dev/null, which it did not create?
Is there any progress on placing udev in initramfs where it's supposed to go eventually?
On Mon, 2004-03-29 at 22:21, Ivan Gyurdiev wrote:
> and how could I use the selinux policy over ramfs - that's why I'm getting rid of devfs in the first place.
Ultimately, there will likely be a fake xattr handler for the security namespace for ramfs and tmpfs, as there already is for devpts, to allow setting of inode security contexts from userspace.
On Mon, Mar 29, 2004 at 10:21:10PM -0500, Ivan Gyurdiev wrote:
> Is there any progress on placing udev in initramfs where it's supposed to go eventually?
People are working on it, but slowly, as it's only really needed to boot off of a disk that is named by udev. I expect it will be done by the end of the year.
That being said, it's not that much of an issue today, as udev will work just fine for everything except your root disk right now.
thanks,
greg k-h
So... I'd like to try this (udev... selinux...) again. Where would be the proper place to put udevstart, given the root fs is readonly for a long time, and /dev resides on it (ramfs has no xattr for selinux)? How can I modify rc.sysinit to make this work?
On Thu, Apr 08, 2004 at 03:13:07PM -0400, Ivan Gyurdiev wrote:
> So... I'd like to try this (udev... selinux...) again. Where would be the proper place to put udevstart, given the root fs is readonly for a long time, and /dev resides on it (ramfs has no xattr for selinux)? How can I modify rc.sysinit to make this work?
Did you read the HOWTO-udev_for_dev file that is in the udev tarball? It contains all the info you need to do this.
But have a boot disk handy, in case you mess up somehow...
good luck,
greg k-h
> Did you read the HOWTO-udev_for_dev file that is in the udev tarball? It contains all the info you need to do this.
I've tried a similar change before. It didn't work, because the root fs was read only at that point... but I guess I'll try again with the exact patch you have, and see what happens.
In the meantime I've switched back to static /dev from devfs, and am currently being flooded with avc denials, which I shall report to the selinux list :)
devel@lists.stg.fedoraproject.org