Tetsuo Handa wrote: > Please see ccs_load_policy() in security/ccsecurity/load_policy.c . > Until TOMOYO 1.8.1, there was CONFIG_CCSECURITY_ALTERNATIVE_TRIGGER kernel > config option that specifies which program is used as a trigger for (optionally > calling /sbin/ccs-init and) activating TOMOYO. I was considering replacing > CONFIG_CCSECURITY_ALTERNATIVE_TRIGGER with CONFIG_CCSECURITY_ACTIVATION_TRIGGER > in TOMOYO 1.8.2. But according to your usage, it seems to me that we want a > kernel command line option (like CCS_Loader= option) that allows you to specify > which program is used as a trigger for activating TOMOYO since it would be > difficult for distributors to determine the location of program that is used as > /sbin/init at compile time. I think it is now possible on many distributions to switch to unofficial systemd packages (official on Fedora 15 of course). With Arch Linux, it is very easy to install both BSD-style init and systemd init and switch between them whenever wanted. A kernel command line option would be a perfect solution to this.
TOMOYO
Fork