selinux breaks revisor
Jeff Spaleta
jspaleta at gmail.com
Tue Jan 22 17:16:59 UTC 2008
On Jan 22, 2008 7:52 AM, Casey Dahlin <cjdahlin at ncsu.edu> wrote:
> We're advertising it in a very public way. More people are expecting it
> to work.
But we aren't using it internally, we aren't dogfooding it with our
spins, and I want to make sure Valent and anyone reading the thread
understands that. My reading of Valent's comment informed me that he
was assuming we were seeing these problems as part of spin release and
implied an assumption that we were using revisor. We aren't.
Now that being said, I think any spin generation toolchain which we
are offering, should be packaged in a way that informs people that
selinux needs to be disabled to use correctly.
And since I don't think spin creation falls into a desktop usage case
of any rational merit, but falls instead into development usage, then
I don't think such a tool should automatically disable selinux even
temporarily.
Selinux when interacting with any chroot-like apparatus is still a
problem. Perhaps its time to take stock of all the packages that rely
on chroot-like behavior which are similarly affected by selinux, so
that a common technical solution can be found and applied.
-jef
-jef
More information about the fedora-devel-list
mailing list