Re: cross-labeling vs precompiled PCRE

On Wed, Feb 19, 2014 at 8:37 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> That's just the library version, right? Not an indication of a format change in the pcre regex necessarily?

Right. 

> Any way to get an actual version corresponding to that format?

Unfortunately not.  The docs say (from "man pcreprecompile"):

COMPATIBILITY WITH DIFFERENT PCRE RELEASES

       In general, it is safest to recompile all saved patterns when you update to a new PCRE release, though not all updates actually require this.

> On the last such format change, I believe Dan et al added a trigger to selinux-policy so that it will regenerate the .bin file on any pcre upgrade automatically, so I guess what you describe should work, but it would be nice if we could tie it to actual pcre regex format changes rather than just pcre library versions.

Would require new PCRE API, and more importantly long term buy-in from upstream to maintain that version when the implementation details change in an incompatible way.

It sounds like the RPM trigger will work for the normal case of labeling inside a running system, it's just me who's being bitten by my "cross labeling" approach.

For now I just have a locally patched copy of libselinux that skips loading the .bin file; I'll just keep that for now and come back to this later.

(Although now that I look at it again, I could probably just temporarily set the mtime on the regular file to be later than the .bin.)
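
The mtime workaround mentioned at the end of the message, sketched as an added example (not part of the original post and not libselinux code). It assumes GNU stat and touch, and that the precompiled file is skipped only when the text file's mtime is later, as the message describes; the function names which_spec, force_text, restore_mtime and demo are hypothetical.

```shell
#!/bin/sh
# Added example: make a target tree's file_contexts look newer than its
# precompiled file_contexts.bin, then put the original mtime back.
# Assumption: GNU stat/touch, and the .bin is skipped only when the text
# file's mtime is strictly later (as described in the message).

mtime() { stat -c %Y "$1"; }

# Prints "bin" if the precompiled file would be preferred, else "text".
which_spec() {
    spec=$1
    [ -f "$spec.bin" ] || { echo text; return 0; }
    if [ "$(mtime "$spec")" -gt "$(mtime "$spec.bin")" ]; then
        echo text
    else
        echo bin
    fi
}

# Bump the text file to one second past the .bin; print the old mtime
# so the caller can restore it once labeling is done.
force_text() {
    spec=$1
    old=$(mtime "$spec") || return 1
    if [ "$(which_spec "$spec")" = bin ]; then
        touch -d "@$(( $(mtime "$spec.bin") + 1 ))" "$spec" || return 1
    fi
    echo "$old"
}

restore_mtime() { touch -d "@$2" "$1"; }

# Constructed demo in a scratch directory (no real policy is touched).
demo() {
    d=$(mktemp -d) || return 1
    spec=$d/file_contexts
    : > "$spec";     touch -d @1000000000 "$spec"
    : > "$spec.bin"; touch -d @1000000500 "$spec.bin"
    before=$(which_spec "$spec")
    old=$(force_text "$spec")
    during=$(which_spec "$spec")
    restore_mtime "$spec" "$old"
    after=$(which_spec "$spec")
    rm -rf "$d"
    echo "$before $during $after"
}
```

Restoring the saved mtime afterwards keeps the target system's own trigger-regenerated .bin in use once it boots with its matching PCRE.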
