On Monday 12 September 2005 23:29, Tom London <selinux@xxxxxxxxx> wrote: > > > It is created to cache some information which otherwise is read from > > > the XML files in /usr/share/foomatic/db. The cache file is to speed > > > up the process. > > > > > > Even if the directory exists, the file will need to be created. > > > > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168085 > > > > I've submitted the above bugzilla requesting that the package provide > > this directory. Tom, please review it and make any comments you consider > > appropriate. > > The fix posted there is much better. > > Are there more services like this that we should review for > directory-create in /var and other places? Will polyinstantiatiation help > clean this up? There are probably other services with the same issues. PI will not help at all. The absolute last thing I want to see is multiple PI versions of /var which will cause all sorts of problems for communications between daemons (think about /var/log and /var/run, and I'm sure that some daemons mess with other daemons' files under /var/cache). I don't believe that there is any need for PI for anything other than files and directories created by regular users. That means /tmp and a possibility of home directories for different levels with MLS. I'm sure that someone will disagree however and I am waiting for email debating this point. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
