[DSE-Dev] Bug#658070: closed by Laurent Bigonville <bigon at debian.org> (Bug#658070: fixed in libselinux 2.1.12-1)
Laurent Bigonville
bigon at debian.org
Mon Dec 31 12:05:25 UTC 2012
Hello,
> I've been having a quick look at the changes in 2.1.12-1.
>
> It seems you simply dropped the /selinux directory from the package.
> This should work fine for systems where selinux is not active.
> On systems where selinux is active and selinuxfs is mounted
> at /selinux, the directory will not be removed on upgrades.
> Do you think we need some special handling in the maintainer scripts
> to mount-move /selinux in preinst?
>
> Or does selinux in squeeze already use /sys/fs/selinux and /selinux is
> unused, so if you upgrade from squeeze to jessie there will be no
> mount at /selinux? I guess as you've uploaded to exp only, you don't
> plan to drop /selinux for squeeze?
I guess you meant Wheezy here?
Since Wheezy, libselinux will mount the selinuxfs on /sys/fs/selinux if
it's available during early boot (and will fallback to /selinux
otherwise). This is working well if the machine is booting with a
initramfs, I'm not sure if /sys/fs/selinux is available early enough if
a initramfs is not used (are we even supposed to support that kind of
situation?).
So I would say, if somebody is upgrading from Wheezy to Jessie and the
selinuxfs is still mounted on /selinux, this is a special case (or a
user choice) and /selinux should not be removed.
What do you think?
Cheers
Laurent Bigonville
More information about the SELinux-devel
mailing list