Head-banging targets, please

Russell Coker russell at coker.com.au
Tue Jan 4 13:43:01 UTC 2005


On Friday 31 December 2004 09:43, Mike Hearn <mike at navi.cx> wrote:
> It also doesn't help that Fedora have patched upstream SElinux extensively
> in the process of actually making it usable, for instance they've made a
> lot of stuff more automatic. I believe these patches are being folded back
> in upstream, but the problem with doing it "upside down" like this is
> that the official docs which most people find first do not correspond to
> an actual FC3 installation, which is what most people are actually playing
> with SELinux on.
>
> I do not know why these patches weren't developed upstream then pulled
> down as they became ready. I guess there are good reasons.

The patches are developed by the people who have the time and skills 
necessary.  Some of those people are Red Hat employees (including me).  Code 
that is developed by Red Hat employees generally goes into Red Hat first 
before going upstream.

But that isn't the reason that the documentation lags behind development.  The 
reason is that a lot of work is being done on developing the code and policy, 
but little time is available for documentation.  I think that things are 
improving in this regard, but there is a lot of documentation work to be 
done.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page




More information about the fedora-selinux-list mailing list