On 03/05/2010 02:53 PM, Stephen Smalley wrote: > On Fri, 2010-03-05 at 10:09 +0100, Dominick Grift wrote: >> On 03/05/2010 04:29 AM, Robert Nichols wrote: >>> And, it appears that I have to remember to re-install all local policy >>> modules every time there is a policy update, right?? :-(( >> >> Not in all cases but in the case where user domains are involved that >> may be true. semodule -B may also do the trick. > > What's an example where that is required, and why? > Well i dont remember exactly but i use to have a custom user domain, and when fedora's selinux-policy had an update that affected interfaces in the userdomain, that my custom user domain calls. Then this change would not reflect in my custom user domain. I had to reinstall my custom user domain after fedora selinux policy updates that made relevant changes to the userdomain. I think the explanation was that its works like static libraries and not like dynamic libraries. Unfortunately my memory might be wrong. Also i cannot find the particular discussion i had with dwalsh about the issue on the mail lists on short notice. Also i do not know whether this is even related to this issue.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
