Selinux and package guidelines
Kevin Kofler
kevin.kofler at chello.at
Tue May 8 05:03:30 UTC 2007
dragoran <drago01 <at> gmail.com> writes:
> David Woodhouse wrote:
> > [...]
> > *SElinux*,
> > [..]
> thx for mentioning this I suggest that any package that create avcs
> should not pass a review. We have suchs packages in extras and nothing
> in the review process takes care of selinux integration which is wrong.
So you want to force reviewers to run with SELinux enabled? That's going to
reduce the number of reviewers significantly and increase the load on the
review queue even more. I for one have SELinux disabled (completely, so I don't
get even permissive AVCs) and I'm surely not the only one. Reviewing is already
tedious enough as it stands (it took me over an hour to review Strigi, and it
already had some quick pre-review comments by Rex Dieter and me). (It does work
though, for example I caught some plugin .so files being mistaken for symlinks
and thus accidentally shipped in strigi-devel rather than in the main strigi
package, that would definitely have broken things for the end user. So I'm not
complaining about the current process, just about your suggestion to add that
SELinux requirement.)
Kevin Kofler
More information about the fedora-devel-list
mailing list