Not good
Stephen Smalley
sds at epoch.ncsc.mil
Mon Apr 5 16:35:17 UTC 2004
On Mon, 2004-04-05 at 12:21, Gene Czarcinski wrote:
> That is what I figured ...
>
> However, I am not sure that policy-sources should automatically build the
> policy and file_contexts from source and then load it.
Tradeoffs either way; you'd typically like for policy updates to take
effect immediately. policy and policy-sources could possibly run some
helper from the %post scriptlet that checks some local config to see
whether the policy should be immediately rebuilt and loaded or whether
it should just notify the admin of a pending policy update.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list