[DSE-Dev] Bug#707214: refpolicy: Please handle new dpkg_script_t execution context
Guillem Jover
guillem at debian.org
Wed May 8 09:30:57 UTC 2013
Source: refpolicy
Source-Version: 2:2.20110726-12
Severity: wishlist
Hi!
I've reworked the SELinux support in dpkg (targetted at 1.17.0), and as
part of that I've added support for maintainer scripts running under a
different dpkg_script_t execution context [0]. I guess the SELinux policy
might need to be updated to take that into account.
[0] <http://anonscm.debian.org/gitweb/?p=dpkg/dpkg.git;a=commitdiff;h=99529be532e9bb6c0d4fda1d803588c64b8fa47a>
Also as part of the rework, I've improved the handling of policy updates
during a dpkg run [1], so that it reloads them when they change, for
example when a new policy package gets upgraded/installed. I'd
appreciate if people from the SELinux team could tell me if the code
in dpkg master works fine for you. (Embedding this request here, because
I guess you might need to use a new dpkg to test the new policy, and
also because alioth rejects my mails...)
[1] <http://anonscm.debian.org/gitweb/?p=dpkg/dpkg.git;a=commitdiff;h=866f5d2a9702da7b4e809b89c3f7df6933e97116>
Thanks,
Guillem
More information about the SELinux-devel
mailing list