On 9/12/05, Russell Coker russell@coker.com.au wrote:
There are probably other services with the same issues.
PI will not help at all. The absolute last thing I want to see is multiple PI versions of /var which will cause all sorts of problems for communications between daemons (think about /var/log and /var/run, and I'm sure that some daemons mess with other daemons' files under /var/cache).
I don't believe that there is any need for PI for anything other than files and directories created by regular users. That means /tmp and a possibility of home directories for different levels with MLS. I'm sure that someone will disagree however and I am waiting for email debating this point.
OK, so the rubric here is that daemon-like services need to have their 'major' directory entries in places like /var created and labeled by their package, not created upon startup. This sounds quite reasonable.
So, the normal 'name space' conflicts will likely be detected during package install.
Do we need to be concerned with possible 'widening' conflicts on such directories (e.g., two packages wanting to 'own' the same directory, one with a 'wider' label)?
tom