-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 2017-11-01 at 09:46 +0100, Petr Lautrbach wrote:
> Hi,
>
> we are going to drop file_contexts.bin from selinux-policy-targeted
> package.
>
> file_contexts.bin file is regenerated by sefcontext_compile utility
> every time
> policy is rebuilt, e.g. during update, after semodule -B, ... and
> this file
> contains pre compiled pcre regexes from file_contexts.
>
> We added this file to selinux-policy-targeted in order to prevent
> problems such
> were [1] [2] but it causes another problems like [3]
>
> Since systemd should be already fixed, it seems to be safe to drop it
> again and
> let it create during post install phase. So we are going to drop it
> from
> Rawhide and I think it could be dropped from Fedora 27 as well.
Am I right that this file will be created on installation? Then you
should use %ghost to mark it belonging to some package.
>
> I've prepared COPR selinux-policy build [4] without this file. It
> would be
> great if someone could test it in some Live image.
>
> With few simple step you can also test how userspace works without
> *.bin files
> on a local system:
>
> 1. remove .bin files from /etc/selinux/targeted/contexts/files/
>
> # rm /etc/selinux/targeted/contexts/files/*bin
>
> 2. add/change /etc/selinux/semanage.conf so it contains:
>
> [sefcontext_compile]
> path = /bin/true
> [end]
>
> 3. update selinux-policy{,-targeted} from [4]
>
> 4. test it - reboot, relabel, run a desktop session, ...
>
>
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1314372
> [2] https://github.com/systemd/systemd/pull/2508#issuecomment-1882354
> 77
> [3] https://bugzilla.redhat.com/show_bug.cgi?id=1502009
>
> [4] https://copr.fedorainfracloud.org/coprs/plautrba/selinux-policy/b
> uild/656330/
>
> Thanks,
>
> Petr
>
> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
- --
- -Igor Gnatenko
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAln5jPEACgkQaVcUvRu8
X0yy9w//Z8GDqWhQOJoWL7UeP3OO+8s1i5NbUSw0cLsZroccy9A5yTvX+3tSOP1i
oxE0XWQFPF81nefbDAXdpxWqhVtVigQMpvgXKI3yss46Xnk4zts/Avbsti1ctvFB
KUPFl/nrwUTXF/sTkLSiz6RFWURL/fRrfBrsFhfEzDyp8wwEfpDb6Jh0ago0lgfD
2UZsLacRezy5XU38w4C9kJRlm/C4HpuNb/aiE3ciz8hlvtMwUbCCf5cQo7BqugMq
50/e/tbcMzsBh5Ynav0wgEvLhNSR3WO2T8h7T7b4uFbKAph65A0LzHJqXDscDX4q
GdNWjLEcKgMcpkvullVmJN+KbT/Sa3zEZO9ZFedd+0VHgP1ZLLzZPtc+7bTXN0uy
rRFplppfs8NiMyLRHkyl35C6Z8lykWAh8o3zdV4XIeIzMrCt3sqmF6Fq3z6r6YGn
xxz8t5jjJh+uUrcSbw9N2ojnwZkR6oWmTOiCEvUbOBk73xxnV2oNgbvzwoW+1CAI
mLCQQ//WhpuaEiupdk2wR5zXeeIOqZ6VXeYH6UWxn5Q1xa4aUljbI8C5s6Yqsf3a
cSULw83wz9keIXpjzg39mOxTHcLJJFHKI+lnPn4X7M2PjrTDvaNHbs40pYGzCfX1
Fy9VPtZPKSm4Uqp62YyCTH7wvNsfT4dWy1ZXCkxHTgzaNwEOeMs=
=emsS
-----END PGP SIGNATURE-----
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
