[Bug 219972] Review Request: poker-network - A poker server, client and abstract user interface library
bugzilla at redhat.com
bugzilla at redhat.com
Sat Jan 27 18:22:26 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: poker-network - A poker server, client and abstract user interface library
Alias: poker-network
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219972
------- Additional Comments From wart at kobold.org 2007-01-27 13:22 EST -------
We've discussed this a bit on IRC, and I think I've found a reasonable solution.
One selinux subpackage will be needed (poker-selinux), and it will contain only
the selinux policy files, not the wrapper scripts. poker-selinux will not need
'Requires: poker-server'.
Since the wrapper scripts are generic enough to be used when selinux is enabled
or disabled, there doesn't need to be a conditional in the init script to call
them if they are present. The wrapper scripts can safely move to the
corresponding poker-bot and poker-server subpackages.
poker-web requires the selinux policies in order to function, since it requires
giving permission to httpd to connect to the pokerd_port_t ports. So poker-web
will need "Requires: poker-selinux". If poker-web is installed with
poker-server and/or poker-bot, this will enforce selinux protection on those two
packages as well. The protection for poker-bot/poker-server can be disabled,
however, by using 'setsebool pokerd_disable_trans on' without affecting the
selinux rules needed for poker-web. But if poker-server/poker-bot are installed
without poker-web, then the selinux protection is only available if the admin
installs poker-selinux manually.
I'm testing out these changes now and will attach updates for the spec file and
init scripts when ready.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list