On Tue, 2010-07-13 at 16:45 +0200, Nicolas Mailhot wrote: > Le 13/07/2010 15:30, Rahul Sundaram a écrit : > > > > On 07/13/2010 06:58 PM, Christopher Brown wrote: > >> No. SELinux is unacceptable when it displays ridiculous warning > >> messages to users telling them it has detected suspicious activity on > >> a system that has ONLY JUST BEEN INSTALLED. > >> > > > > That should have failed the release criteria as it is written > > currently. > > IIRC pyzor, for example, has never worked on an selinux system, as it > tries to write stuff in / (and no one has minded for many releases) If it's not installed by default, we don't care (as far as the release criteria go). The criterion Rahul is referencing is: "In most cases, there must be no SELinux 'AVC: denied' messages or abrt crash notifications on initial boot and subsequent login (see Blocker_Bug_FAQ)" from the final release criteria - https://fedoraproject.org/wiki/Fedora_14_Final_Release_Criteria . The 'In most cases' is a standard weasel clause we use when we might want to not fix an issue that would technically breach the criteria if it would only show up in really odd circumstances - for instance, if you have to have three rare bits of hardware installed in conjunction before you'd hit the denial, or something like that. The test case for validating this criterion is: https://fedoraproject.org/wiki/QA:Testcase_desktop_error_checks note that it doesn't test non-default package sets, and doesn't test actively *running* applications, only booting to a default desktop. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
