Re: Not good

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 05 April 2004 11:34, Stephen Smalley wrote:
> On Mon, 2004-04-05 at 11:27, Gene Czarcinski wrote:
> > 3. From what I see, there is no reason to have the policy package at all
> > since policy-sources will build the needed files (except for
> > /etc/security/{default_contexts,default_type,failsafe_context} and they
> > could be in policy-sources too.
>
> As I understand it, the intent of policy is to support minimal installs,
> where the policy-sources and associated dependencies are not desirable.
> However, note that policy updates can't preserve local customizations,
> e.g. tunables or users, whereas policy-sources updates do.  If you have
> never customized your policy at all, then you should just be able to
> update policy.  If you have customized your policy and rebuilt it, then
> the %config(noreplace) should protect the binary policy against direct
> policy updates, and should protect tunables and users against
> policy-sources updates.

That is what I figured ... 

However, I am not sure that policy-sources should automatically build the 
policy and file_contexts from source and then load it.

Gene


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux