rpms/pam_ssh/F-8 pam_ssh.te,NONE,1.1 pam_ssh.spec,1.13,1.14
Dmitry Butskoy
buc at odusz.so-cdu.ru
Mon Nov 26 12:20:33 UTC 2007
[snip]
> Requires: openssh-clients
> +Requires: policycoreutils
> BuildRequires: pam-devel, openssh-clients, openssl-devel
[snip]
> +
> +%post
> +semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp || :
> +
> +%postun
> +if [ "$1" -eq "0" ]; then
> + semodule -r %{module} || :
> +fi
>
AFAIK a lot of people just do not use SELinux and even prefer to remove
its packages. It seems to me that a hard requirement of
"policycoreutils" is not a good thing here.
Maybe just check in %post and %postun whether the "semodule" binary is
present (i.e., "[ -x /usr/sbin/semodule ] && ....")? Or use %triggerin
for policycoreutils...
How another packages deal with similar things?
Dmitry Butskoy
http://www.fedoraproject.org/wiki/DmitryButskoy
More information about the fedora-devel-list
mailing list