On Feb 11, 2014, at 6:27 PM, Andreas Jonsson wrote: > Hi list, > I think that being able to set the MAC process label from rc.conf would > be a better and more flexible way of moving forward, so that modifying > rc-scripts everywhere would be unnecessary. For a "default" label, I think the right place is a tunable which can only be changed from loader.conf, and can't be changed while the system is running. Something different, of course, would be the option to assign a certain label to a service, with a variable such as "apache24_maclabel" set in rc.conf. That would be great as well, but it's an entirely different issue imho. ;) Borja. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"