[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Not good



Gene Czarcinski wrote:

On Saturday 03 April 2004 08:29, Daniel J Walsh wrote:


I have written the steps in the bug report on how to get up2date fixed. The final fix for the up2date package has not been released yet.

Fixing up2date is a multi step process.

One update to latest policy.
restorecon /usr/sbin/up2date

update to latest usermode

Add
ROLE=sysadm_r
TYPE=rpm_t
to

/etc/security/console.apps/up2date.



Thanks for the update Dan.


I am still a bit concerned that up2date did not report that the package up2date failed and that it removed the old version of the package as well. If I had been manually updating (as I did with the kernel), I saw that there was a problem. Up2date should have caught that also but did not. I do not know if yum has this problem or not and will probably explore using it as an alternative to up2date. However, I will probably wait for Seth's big rewrite that he is working on.



All rpm tools have this problem, as one of the two big lies in rpm is
All-or-nothing behavior when installing packages.
That lie is true iff packages are perfect. That is very much not the case during
a development cycle with an importatnt paradigm shift like selinux.


Fwiw, the other big lie is
Virgin sources, applying patches, with *.spec procedure == reproducible builds.
That lie is true iff one knows how to set up a build system, and the tools "work".


73 de Jeff

Gene

--
fedora-selinux-list mailing list
fedora-selinux-list redhat com
http://www.redhat.com/mailman/listinfo/fedora-selinux-list






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]