[Freeipa-devel] [PATCH] 1019 require policycoreutils if SELinux is enabled
Martin Kosek
mkosek at redhat.com
Tue May 29 08:19:56 UTC 2012
On Fri, 2012-05-18 at 11:53 -0400, Rob Crittenden wrote:
> We don't have an explicit requires on the policycoreutils package in the
> client because SELinux is not required (just recommended).
>
> SELinux can be enabled without this package so check for that condition
> and don't allow installation if it is the case. The resulting install
> will be rather broken.
>
> Also check on the server when installing. This should never happen but
> in theory it could do the server install then fail in the client because
> of this.
>
> rob
This works fine. I am just thinking if we should not rather use paths
in /usr/ for the check if a binary exists, i.e. check
for /usr/sbin/restorecon instead of /sbin/restorecon on Fedora.
If we don't do this we need to be sure that the /sbin -> /usr/sbin
symlink created during UsrMove will stay on the system.
Martin
More information about the Freeipa-devel
mailing list