I'm in the process of systemd transition. It seems to be feasible so far. mtab is now a symlink.
I've also upgraded /etc/localtime to be a symlink.
Now I got this warning upon loading the policy:
Warning: object does not exist in role root, subject /sbin/gradm_pam for the target of the symlink object /etc/localtime specified on line X of /etc/grsec/policy.
Line X is the line where role root is defined in the policy.
I have no gradm_pam installed on the system, nor it is mentioned in the policy. /etc/localtime is also not specified in the policy. If I specify the non-existent gradm_pam for role root, the warning stays the same.
I guess I can ignore it, but I'm curious about the proper resolution of the warning.
I had no time to upgrade the system lately since I'm busy with systemd transition.
Merry Christmas to all Grsec & PAX developers:
Dw.