Stephen Smalley wrote:
On Fri, 2004-06-04 at 13:24, Daniel J Walsh wrote:To me it looks like Yum picks non-related RPM files randomly or least not via the alphabet.
Yes this is because you were running with strict policy before, so I expected you to run with strict policy afterwards. Yum update would have pulled both strict and targeted.
So Initial install gets targeted, upgrade from FC2 with policy gets strict. The one hole in the strategy is upgrading a policy -> targeted without installing strict.
I'd suggest that each package (selinux-policy-strict, selinux-policy-targeted) set the SELINUXTYPE to its own type (strict or targeted) if it is not already set (or more simply, if /etc/selinux/config does not exist at all). Wouldn't a yum update pull in strict first, so this would still ensure preservation of strict policy in that case?
Dan
