[DSE-Dev] Bug#707183: debian-policy: Removal of the FHS exception for the /selinux directory

Charles Plessy plessy at debian.org
Mon Sep 16 02:45:48 UTC 2013

Dear all,

do you think it would make sense to remove the FHS exception for the /selinux
directory in the next version of the Policy ?

See the attached patch.

Have a nice day,

-- Charles Plessy, Tsurumi, Kanagawa, Japan

Le Wed, May 08, 2013 at 09:28:57AM +0900, Charles Plessy a écrit :
> Package: debian-policy
> Severity: wishlist
> Dear all,
> in light of the message below, maybe the exception to the FHS for
> <file>/selinux</file> can be removed from the Policy in the future ?
> Cheers
> -- Charles
> ----- Forwarded message from Laurent Bigonville <bigon at debian.org> -----
> Date: Tue, 7 May 2013 16:51:41 +0200
> From: Laurent Bigonville <bigon at debian.org>
> To: debian-devel at lists.debian.org
> Cc: selinux-devel at lists.alioth.debian.org
> Subject: Removal of the /selinux directory
> Message-ID: <20130507165141.1bbecac6 at soldur.bigon.be>
> X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.10; x86_64-pc-linux-gnu)
> Hello,
> I'm planning to upload a new version of libselinux in unstable
> soon. This new version is dropping the /selinux directory that was used
> in the past as the selinuxfs mountpoint.
> Since Wheezy, the library is mounting selinuxfs under /sys/fs/selinux,
> and falling back to /selinux if the former is not available during
> early boot.
> All the selinux userspace tools and libraries should already be aware of
> this change. If you have packages that directly mount or manipulate
> the selinuxfs, you should probably check that it use the correct paths
> (ie. piupart, bug #682068).
> I'm intentionally not forcing the migration to the new mountpoint nor
> forcing the deletion of the directory on upgrade as, in my mind, if a
> Wheezy machine is still using the old mountpoint that might be for
> perfectly valid reasons and the package shouldn't touch it.
> A discussion has already been initiated on the bug report, see: #658070.
> Any remark on this?
> Cheers
> Laurent Bigonville
> ----- End forwarded message -----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Policy-Remove-the-exception-to-the-FHS-for-the-selin.patch
Type: text/x-diff
Size: 1435 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20130916/7415eeb6/attachment.patch>

More information about the SELinux-devel mailing list