On Tue, Apr 28, 2020 at 11:29 AM James Carter <jwcart2@xxxxxxxxx> wrote: > > On Tue, Apr 28, 2020 at 4:49 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > > > On Mon, Apr 27, 2020 at 9:39 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > > On Tue, Mar 31, 2020 at 4:30 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > > > > > > > On Sat, Mar 28, 2020 at 8:46 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > > > > > > > > > Implement a new, more space-efficient form of storing filename > > > > > transitions in the binary policy. The internal structures have already > > > > > been converted to this new representation; this patch just implements > > > > > reading/writing an equivalent representation from/to the binary policy. > > > > > > > > > > This new format reduces the size of Fedora policy from 7.6 MB to only > > > > > 3.3 MB (with policy optimization enabled in both cases). With the > > > > > unconfined module disabled, the size is reduced from 3.3 MB to 2.4 MB. > > > > > > > > > > Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> > > > > > > > > Acked-by: James Carter <jwcart2@xxxxxxxxx> > > > > > > > > > > Sorry, it has been a while. > > > > No problem. I would've merged it myself, I just wasn't sure if we > > shouldn't try to do something about the setools issue somehow... But I > > really don't feel like touching that code, so if the consensus is that > > this is worth the breakage then I'm fine with it :) > > > > I thought the consensus was to apply this now, but it would be nice to > not break setools, so I am going to hold off merging for day or two > and take a look at how much work it would be to export what setools > needs. There was an earlier discussion about whether we ought to make another selinux userspace release soon. If so, we should defer applying this change until after that release to avoid breaking setools with no fix in sight for it.
