On Wed, 2005-12-07 at 16:18 +0100, Nicklas Norling wrote: > Been looking around for quite some time and have found very little about > how one is > supposed to create rpm packages with selinux content. > > Specifically I'm trying to create a rpm package of trac > http://projects.edgewall.com/trac/. > The Wiki there suggests .fc and .te files for it > http://projects.edgewall.com/trac/wiki/TracWithSeLinux. > > How would you recommend I go about this project. Does selinux contain a > system > for plugging in .te and .fc files so contexts are recognized during the > package install or > should I submitt these files for inclusion in the normal policy packages > and wait for it > to hit the fans? > > Do anyone have any pointers to best practis in these situations? What > can the .spec file > do in order to keep track of selinux permissions etc. Current practice is just to submit patches to the single monolithic policy to add your .te and .fc files there rather than trying to package them with your software package. However, FC5 (development) has incorporated the new support for binary policy modules, which allows individual .te and .fc files to be precompiled and packaged together and shipped separate from the base policy package. So it depends on what you are targeting, e.g. if you are looking ahead to FC5 or just trying to get things working in FC4. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
