Joe Orton wrote:
This means that you modified the file_context/policy.18 file by using selinux-policy-targeted-sources file.Should I expect output like this from rpm -V from a fresh install, even if I haven't touched the policy myself?
[root@blane ~]# rpm -V selinux-policy-targeted .......TC c /etc/selinux/targeted/contexts/default_contexts .......TC c /etc/selinux/targeted/contexts/default_type .......TC c /etc/selinux/targeted/contexts/failsafe_context ..5....TC c /etc/selinux/targeted/contexts/files/file_contexts .......TC c /etc/selinux/targeted/contexts/files/media .......TC c /etc/selinux/targeted/contexts/initrc_context .......TC c /etc/selinux/targeted/contexts/removable_context .......TC c /etc/selinux/targeted/contexts/userhelper_context .......TC c /etc/selinux/targeted/contexts/users/root ..5....T. c /etc/selinux/targeted/policy/policy.18
Since policy/policy.18 is marked %config(noreplace) the new policy.18 file is installed as policy.18.rpmnew and hence it seems manual intervention is needed to load the new policy, it's not a simple rpm -U or up2date run away - is this desirable?
joe
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
The upgrade of selinux-policy-targeted-sources should do a make reload when it completes, causing the policy.18 and file_contexts file
to be replaced. This way if you made local changes they will be maintained. (There was/is a bug with the moving of the /usr/bin files
to /usr/sbin that is causing certain *sources rpms not to do a make load.
make -C /etc/selinux/targeted/src/policy load will force a load from sources.
Dan
