Not good
Jeff Johnson
n3npq at nc.rr.com
Sat Apr 3 15:04:15 UTC 2004
Gene Czarcinski wrote:
>On Saturday 03 April 2004 08:29, Daniel J Walsh wrote:
>
>
>>I have written the steps in the bug report on how to get up2date fixed.
>>The final fix for the up2date package has not been released yet.
>>
>>Fixing up2date is a multi step process.
>>
>>One update to latest policy.
>>restorecon /usr/sbin/up2date
>>
>>update to latest usermode
>>
>>Add
>>ROLE=sysadm_r
>>TYPE=rpm_t
>>to
>>
>>/etc/security/console.apps/up2date.
>>
>>
>
>Thanks for the update Dan.
>
>I am still a bit concerned that up2date did not report that the package
>up2date failed and that it removed the old version of the package as well.
>If I had been manually updating (as I did with the kernel), I saw that there
>was a problem. Up2date should have caught that also but did not. I do not
>know if yum has this problem or not and will probably explore using it as an
>alternative to up2date. However, I will probably wait for Seth's big rewrite
>that he is working on.
>
>
All rpm tools have this problem, as one of the two big lies in rpm is
All-or-nothing behavior when installing packages.
That lie is true iff packages are perfect. That is very much not the
case during
a development cycle with an importatnt paradigm shift like selinux.
Fwiw, the other big lie is
Virgin sources, applying patches, with *.spec procedure ==
reproducible builds.
That lie is true iff one knows how to set up a build system, and the
tools "work".
73 de Jeff
>Gene
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
>
More information about the fedora-selinux-list
mailing list