[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: SELinux Module Packaging in FC5
- From: "Stephen John Smoogen" <smooge gmail com>
- To: "Paul Howarth" <paul city-fan org>
- Cc: Daniel J Walsh <dwalsh redhat com>, SELinux-dev tresys com, fedora-selinux-list redhat com
- Subject: Re: SELinux Module Packaging in FC5
- Date: Tue, 16 May 2006 09:34:14 -0600
On 5/16/06, Paul Howarth <paul city-fan org> wrote:
Stephen Smalley wrote:
> On Tue, 2006-03-14 at 10:29 +0000, Paul Howarth wrote:
>> Is there any documentation anywhere on including SELinux Policy Modules
>> in packages (e.g. for Extras) in FC5? For instance, is there a directory
>> where modules can be dropped into so that they get picked up
>> aotomatically? Where should they live?
>
This rather defeats the purpose of having the separate -policy package,
since I need to use restorecon to fix the file contexts at post-install
time in case both packages are installed in the same transaction (a
likely scenario). I could do this equally well using a single package,
but it's untidy (I have to specify the pathnames that need non-standard
contexts in both the .fc policy file and as an argument to restorecon in
%post). I really prefer the separate package solution, but I think that
would need changes in rpm, which might be hard to get done.
Any thoughts?
An ugly ugly ugly fix might be to have a triggerpost that does a
restorecon/setcon on the files when the parent package is installed.
That way it ensures the package is reset correctly. Again ugly and
might not work.
Paul.
--
fedora-selinux-list mailing list
fedora-selinux-list redhat com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]