Selinux and package guidelines
Till Maas
opensource at till.name
Sun May 6 19:14:41 UTC 2007
On So Mai 6 2007, dragoran wrote:
> but it would be better to clean up before aproving a package (if a
> selinux expert is needed cc one in the review request)
> we should do something like "works with selinux enforcing ->no please
> fix first" during the review
Please update the documentation about selinux and packaging[1] first,
currently, there is not much help to allow e.g. execmod for a file in a
package. Without proper documentation, your demand seems not to be very wise
to me.
Also does rpm not support a packager very much to use selinux afaik. When one
needs two extra files and more than 15 lines of scriptlets for only making
some files "textrel_shlib_t", it is not much helpful. Imho something like
%textrel_shlib_t /path/to/libpackage.so
in %files should be enough, because it contains all the information that is
needed (the lib should have textrel_shlib_t) and everything else can be
automatically.
Regards,
Till
[1] http://fedoraproject.org/wiki/PackagingDrafts/SELinux
More information about the fedora-devel-list
mailing list