FC2 and FC1 and common home
Colin Walters
walters at redhat.com
Wed Apr 7 00:02:36 UTC 2004
On Tue, 2004-04-06 at 19:46, Jeremy Katz wrote:
> I actually pretty strongly disagree here. I think that we need to move
> to where policy for various daemons is included and maintained along
> with the daemon.
The reason policy is centralized is because it allows one to easily
analyze the entire thing at once, and also makes it easier to make
sweeping changes by modifying just a few files.
> Otherwise, we have a never-ending battle of one huge
> monolithic package that will end up with bizarre dependencies on apps.
I'm not sure I understand - how does policy depend on applications?
> Managing that is going to be a nitemare in the long-term. Think of the
> situation where you want to upgrade your sendmail package, but to
> upgrade your sendmail package, you need the new policy that has
> information for the new way sendmail is split up but *that* requires you
> to upgrade something else... it can spiral out of control very very
> quickly.
What would the policy package require you to upgrade?
> There's a reason we don't, eg, put all of the German translations for
> everything we ship in, eg, a translations-german package. It just
> doesn't scale maintenance wise.
Translations are different from SELinux security policy in that they're
mostly independent of one another.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040406/939e38b2/attachment.sig>
More information about the fedora-devel-list
mailing list