[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Process for creating Fedora selinux-policy packages

Richard Fearn wrote:

Due to an SELinux bug I reported in August, I've been tyring to understand the selinux-policy packages to see how they're built. I understand the principle of taking the upstream refpolicy, modifying it and building the Fedora-specific packages. However, I'm struggling to see where the refpolicy is coming from.

For example, as I write this, the latest FC6 selinux-policy package pushed to the repositories is 2.4.6-1. According to the "sources" file in CVS, this package is built using serefpolicy-2.4.6.tgz. If I get serefpolicy-2.4.6.tgz from the lookaside repository then the VERSION file in it says 20061018. However, the contents of serefpolicy-2.4.6.tgz differ a great deal from the "official" 20061018 version of the reference policy from Tresys.

I could understand it if the Fedora selinux-policy packages were directly based on the 20061018 version of the refpolicy from Tresys, but there seems to be an intermediate stage of development that produces the serefpolicy-2.x.x.tgz files in the lookaside repository.

My question is: is there a CVS repository somewhere for a "Fedora reference policy", that is used to build all these serefpolicy files?

The numbering is being done by me. I am just taking CVS dumps off of tresys policy and applying patches. When I update to the latest policy from Tresys. I build my own policy tarball off of the current cvs/svn version and apply my patch. Treysys at some later time releases a version with the date you have. So it is difficult to match up my release with what tresys is releasing.

Richard Fearn

fedora-selinux-list mailing list
fedora-selinux-list redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]