On Sat, 2004-04-03 at 06:09, Warren Togami wrote: > 2) apt-get upgrade (but not dist-upgrade) avoids the missing pieces > automatically. All the way through FC2 test1 to current rawhide it has > worked for me in not leaving a broken system. The current selinux > policy problem needs to be solved though. Panu have you communicated > with the selinux people about this? The quick and dirty fix is to put apt-get, apt-shell and synaptic into rpm_exec_t file context, eg apply this patch to the policy-sources and relabel: --- rpm.fc.orig 2004-04-05 22:28:45.000000000 +0300 +++ rpm.fc 2004-04-05 22:29:09.000000000 +0300 @@ -3,6 +3,9 @@ /var/lib(64)?/alternatives(/.*)? system_u:object_r:rpm_var_lib_t /bin/rpm -- system_u:object_r:rpm_exec_t /usr/bin/yum -- system_u:object_r:rpm_exec_t +/usr/bin/apt-get -- system_u:object_r:rpm_exec_t +/usr/bin/apt-shell -- system_u:object_r:rpm_exec_t +/usr/bin/apt-synaptic -- system_u:object_r:rpm_exec_t /usr/lib/rpm/rpmd -- system_u:object_r:bin_t /usr/lib/rpm/rpmq -- system_u:object_r:bin_t /usr/lib/rpm/rpmk -- system_u:object_r:bin_t In the long run apt should probably run in it's own domain with suitable restrictions on the methods etc... but this all raises the question: How are 3rd party packages supposed to ship their own policy settings in a sane manner? - Panu -
