[Rpm-maint] [RFC PATCH 0/2] no policy patchset

Steve Lawrence slawrence at tresys.com
Fri Aug 14 17:27:05 UTC 2009


The following patches are part of our effort to integrate SELinux policy
installation into RPM.

The first patch, which adds support for installing policy during an rpm
transaction, is the same patch we sent to the list last month [1] with
minor changes to apply to the most recent master branch. The second
patch adds an option to disable policy installation.

We are primarily interested in comments on the second patch, though we
are happy to get any comments on the first as well.

[1] http://lists.rpm.org/pipermail/rpm-maint/2009-July/002452.html

- Steve

Steve Lawrence (2):
  install selinux policies from package header
  skip policy installation using --nopolicy option

 lib/poptI.c                                   |    2 +
 lib/psm.c                                     |   85 +++++++++++++++++++++++++
 lib/psm.h                                     |    6 ++-
 lib/rpmte.c                                   |   10 +++
 lib/rpmte_internal.h                          |    3 +
 lib/rpmts.h                                   |    1 +
 lib/transaction.c                             |   85 ++++++++++++++++++++++++-
 tests/data/SOURCES/poltest-1.0.tar.bz2        |  Bin 0 -> 384 bytes
 tests/data/SOURCES/poltest-policy-1.0.tar.bz2 |  Bin 0 -> 446 bytes
 tests/data/SPECS/poltest.spec                 |   36 +++++++++++
 10 files changed, 226 insertions(+), 2 deletions(-)
 create mode 100644 tests/data/SOURCES/poltest-1.0.tar.bz2
 create mode 100644 tests/data/SOURCES/poltest-policy-1.0.tar.bz2
 create mode 100644 tests/data/SPECS/poltest.spec



More information about the Rpm-maint mailing list