Hi all,
there seems to be a discrepancy between man page and actual behavior of
selabel_lookup() with MEDIA backend.
selabel_media man page says:
"Should there not be a valid entry in the media file, then the
default removable_context file will be read (see removable_context(5))."
but the removable_context file is never used (for more details and a
reproducer see https://bugzilla.redhat.com/show_bug.cgi?id=1395621).
I can see two possible solutions:
1) Remove the removable_context file and adjust man pages accordingly.
2) (Probably better) Add mechanism for using the removable_context
Which one would you prefer?
In case of the latter, would adding the content of removable_context
file to saved_data->spec_arr[nspec + 1] (label_media.c) and returning it
in case lookup fails be a reasonable solution?
Thank you.
Vit Mojzis
