[DSE-Dev] SELinux release goals for Debian Jessie ?
a.kuckartz at ping.de
Thu Oct 3 21:04:58 UTC 2013
>> But are there no better alternatives than calling restorecon? The
>> main use of that command is to "correct errors" (as the man page
>> Wouldn't it be better to avoid those errors by correcting the
>> scripts ?
> That would requires changes in the repolicy (for the files created by
> initscripts) and some changes to dpkg code (I'm not even sure that
> this could be achieve that way) for the files installed by maintainer
> So here restorecon call is a correct way of doing things, even if it's
> maybe not the best. There are actually several initscript that are
> doing this ATM.
>> Are we aware of packages with such errors? So far I only know about
>> this one, because it is blocking #685992 :
> There is also #678719
In these two issues the maintainers seem to explicitly dislike the
Perhaps they are more interested in the best way of doing things?
I suppose that rpm-based distributions using SELinux had to solve
More information about the SELinux-devel