Has anyone considered a batch/transaction interface for semanage? The idea would be that you could redirect input from a script containing a list of commands, and either all of them would succeed and be committed to disk or none of the changes would apply and an error message would inform the user of the cause of the problem. The first benefit of this would be an improvement in run-time. Currently semanage can be quite time consuming on a low-end system and if you have a large number of commands to run (EG a for loop that has each iteration adding a number of fcontext rules or user identities) then it could be a real drag. But having the transactional property as well would also be a good benefit. While it's possible to implement the same thing in shell code a basic transactional property would be handy - and save shell coding errors. -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
