[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Attention: Proprietary video driver users (ATI, Nvidia, etc.)



On Fri, Feb 24, 2006 at 10:27:37 -0500,
  Ivan Gyurdiev <ivg2 cornell edu> wrote:
> 
> You'd enumerate all the contexts for files under /lib, /usr/lib, etc.. 
> places which would be declared "controlled" by rpm.
> Then you create a new attribute called "managed" or something like that, 
> and mark all those types with that attribute.
> Then you write policy to allow rpm to manage those types. You write an 
> assertion to make sure nothing but rpm manages those files. Then audit 
> and remove all rules from policy that violate that assertion. I haven't 
> written policy in a while, but shouldn't this work?

You're right you could do that. There wouldn't be just one 'managed' context
though. You'd have to make a 'managed' version of each existing context
that was used in those directories. Its a bit more work, but would be doable.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]