On Thu, 2004-06-24 at 16:21, Ivan Gyurdiev wrote: > What's the proper way to upgrade the selinux policy? > > yum and rpm leave me with .rpmnew files every single time. This suggests that you installed the policy source package as well, or locally modified your policy directly. If you install or update the policy source package (selinux-policy-strict-sources), then it should rebuild the policy files from source and load the new ones automatically as part of the %post. Updating the policy package (selinux-policy-strict) will then leave you with .rpmnew files because it sees that the files have been locally rebuilt. >I assume I'm supposed to manually overwrite the old ones. Is that so? Or update policy sources to get them regenerated. > Do I need to run make relabel? > > ______________________________________________________________________ It is generally safest to do so, but often unnecessary (only if there is a relevant change to file_contexts that affects you). Relabeling is not presently automatically performed upon a policy update. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
