2018-01-25 17:17 GMT+01:00 Ricardo Wurmus <ricardo.wur...@mdc-berlin.de>:
> Hi Guix, > > attached is a patch that adds an SELinux policy for the guix-daemon. > The policy defines the guix_daemon_t domain and specifies what labels > may be accessed and how by processes running in that domain. > > These file labels are defined: > > * guix_daemon_conf_t > for Guix configuration files (in localstatedir and sysconfdir) > * guix_daemon_exec_t > for executables spawned by the daemon (which are allowed to run in the > guix_daemon_t domain) > * guix_daemon_socket_t > for the daemon socket file > * guix_profiles_t > for the contents of the profiles directory > I' m not sure I understand: is this meant to allow Guix to run in foreign distros like Fedora ? Or is this meant to have SELinux running inside the GuixSD environment ? I might be interested in runnig Guix on my Fedora installation. Also, Ricardo, I remember you posted a link to an introduction to SELinux for human beings, some months ago. Maybe on the irc channel, maybe on some meiling list I searched here and found nothing Should you be able to post that lik again, I' d be grateful I promise I will bookmark it this time Thanks ! Ciao
