Adam Williamson wrote: > 2) There is an AVC that appears on boot on just about all installs of > Rawhide at present: > https://bugzilla.redhat.com/show_bug.cgi?id=1392161 > this causes the large number of soft failures, because many openQA > tests now run a check for any AVCs or crash notifications after > installation, and if any are found, it's considered a soft failure. [snip] > 7) All the 'check if all services start correctly' tests for various > images fail because of this SELinux/systemd issue: > https://bugzilla.redhat.com/show_bug.cgi?id=1412750 > > It occurs to me that we have kind of a recurring story: 'new systemd > release lands in Rawhide, stuff breaks because it does stuff SELinux > doesn't expect it to'. It might be nice if we could organize some kind > of co-ordination between systemd and SELinux folks such that the > appropriate SELinux permissions get added *before* the new systemd > release lands. Of course, it would make things easier if we could > provide upstream systemd with a nice easy way to test their git master > on Fedora Rawhide, I guess. Or, you know, we might actually SOLVE this issue once and for all, by dropping SELinux. SELinux by design keeps second-guessing what programs may want to do, which necessarily breaks when things change. (Only the NSA can think that duplicating knowledge about ALL programs in the distribution in a single central database (single point of failure) can ever scale.) And since patronizing other programs is the only "feature" SELinux is even DESIGNED to provide, we are best off dropping that DoS tool entirely. Kevin Kofler _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
