How do I handle selinux for an Apache module?
Paul W. Frields
stickster at gmail.com
Sun Aug 10 16:25:41 UTC 2008
On Sat, 2008-08-09 at 23:12 -0700, Ray Van Dolson wrote:
> On Sun, Aug 10, 2008 at 12:06:09AM -0230, David Carter wrote:
> > Hey folks!
> >
> > I'm a newbie to package submission, and I've encountered some selinux
> > issues when packaging my Apache module. The module runs fine without
> > selinux, but won't run without some new rules and file configurations.
> >
> > How is this normally handled in packages? Am I expected to add
> > configurations to handle this? How do I handle cases where selinux isn't
> > enabled?
>
> I know some provide a -selinux sub-package to deal with doing selinux
> policy changes. I'm not sure if this is the official, preferred way or
> not however. And there's no real automated way for someone installing
> your package (who has selinux enabled on their machine) to even be
> aware that the -selinux package exists. I ran into this with awstats.
> So you might make mention of it in the README.Fedora for the main
> package at the very least.
I know the SELinux folks are keen to have packages that provide services
also provide an accompanying policy module. You might want to consider
asking this question on the fedora-selinux-list, where I'll bet you'll
be able to get some help and pointers:
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
Paul W. Frields
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://paul.frields.org/ - - http://pfrields.fedorapeople.org/
irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20080810/5510c5db/attachment.sig>
More information about the fedora-devel-list
mailing list