[DSE-Dev] Bug#805492: /var/lib
Russell Coker
russell at coker.com.au
Mon Feb 29 02:46:02 UTC 2016
On Mon, 29 Feb 2016 02:47:04 AM Laurent Bigonville wrote:
> Le 28/02/16 11:05, Russell Coker a écrit :
> >> the easiest would be to do like fedora and install the modules directly
> >> in the /var/lib/selinux/<policy>/100 store instead of copying/loading
> >> them at installation time
> >
> > Do you mean having files in the package under /var/lib? If so that seems
> > like a FHS violation. Why not just keep them under /usr/share/selinux
> > and symlink them?
>
> There are a lot of packages that ships files in /var/lib.
I'm sure that you can find many ways in which there are a lot of broken
packages in Debian or in any other distribution. That said if we have a
strong precedent in Debian for doing things a certain way it is an argument
for doing more of the same.
> Are you sure you are not thinking about /var/run?
https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
# State information. Persistent data modified by programs as they run, e.g.,
# databases, packaging system metadata, etc.
The above section from the above URL suggests that package maintained files
aren't suitable.
The description of /usr is:
# Secondary hierarchy for read-only user data; contains the majority of
# (multi-)user utilities and applications.
For /usr/share it says:
# Architecture-independent (shared) data.
I think that /usr/share is the best place for it. If /var/lib has symlinks
into /usr/share then files which aren't changed can be replaced by a package
upgrade while files that are modified by utilities can stay modified.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
More information about the SELinux-devel
mailing list