On Mon, Apr 06, 2009 at 10:13:39PM -0000, Jiri Palecek wrote: > I'd like to package the selinux tests from the ltp test suite. The tests > need a special selinux policy to be loaded and some files to be relabeled. > I haven't found any standard way of packaging this, so I made an > experimental package (see [1]; it sort of works - not completely, like 10 > tests out of 30, but that's not an issue now) and I would like to hear your > opinion on these issues:
> 1. The package loads the policy on "postinst configure" with semodule -i, is > that right? (And did I implement it properly in the scripts?) There were some > avc message during package install (semodule was denied access to a terminal > with type apt_t), can this be solved? As long as it fails gracefully is semodule binary is missing or selinux isn't enabled. > 2. The relabeling has to be done manually with fixfiles relabel; is there a > way to do it (and should it be done) automatically? > 3. The runtime packages depend on selinux-policy-default; should it > (alternatively) depend on the other policies too? Would this need a separate > policy package? > 4. Should the policy package be in /usr/share? I didn't hear any comments for one month on debian-devel, perhaps our selinux masters Russell or Manoj have a word to say? If there still isn't any opinion, I will work on sponsoring the ltp package with selinux tests on weekend. Cheers, Riku > [1]: http://mentors.debian.net/debian/pool/main/l/ltp/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org