On Thu, 1 May 2008, Stephen Smalley wrote: > It isn't a perfectly general solution, of course. > > An alternative approach would be for rpm to load policy at least > defining the types first before setting down the files, which was our > original preference, but that wasn't viewed as workable by the distro > folks. It might be easier if we had a specific SELinux kernel interface > (i.e. another selinuxfs node) that permitted adding types w/o performing > a complete policy reload. I gather the problem is build hosts where you don't want to give that much privilege to users. - James -- James Morris <jmorris@xxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
