rpm -V selinux-policy-targeted
Alexandre Oliva
aoliva at redhat.com
Thu Nov 25 19:05:00 UTC 2004
On Nov 24, 2004, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Alexandre Oliva wrote:
>> On Nov 24, 2004, Daniel J Walsh <dwalsh at redhat.com> wrote:
>>> Ok we can turn off automatic update of policy from
>>> selinux-policy-*sources, but then
>>> the user will need to manually update the policy if he has manipulated it.
>> Can't we find a middle ground, like: update policy automatically if
>> there have been changes, and leave it alone otherwise since the
>> non-sources policy update will have already taken care of it?
> Sure, but how can I tell in the post install section of the sources package?
One relatively simple way is to have make rules that use
move-if-changed after attempting to update the policy files into a
temporary name. If the policy update is a no-op, you'll keep the old
timestamp and rpm won't complain any more.
--
Alexandre Oliva http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist oliva@{lsd.ic.unicamp.br, gnu.org}
More information about the fedora-selinux-list
mailing list