On Tue, 24 Oct 2006 13:42:42 +0200, Frans Pop <[EMAIL PROTECTED]> said:
> AFAICT the argument is that selinux should not be hard linked at > all. Having openssh require selinux libs is unwanted overhead for > the installer. Well, since openssh already links with libselinux, my patch is not a regression. > A solution should be found so that selinux will only be used if it > is available _at runtime_, as was already done for some other libs > that also produce udebs. > See for comparison: > http://bugs.debian.org/318115 > http://bugs.debian.org/375413 > Alternatively the udebs could be compiled separately without selinux > support. Either of these would be fine (though looking at the size of libselinux1, I wonder if there are any numbers behind the burden theory?), but that would be a more intrusive change for openssh than I am willing to make as a non-maintainer at this stage of the game. At this point, openssh links with libselinux1 where available. The code in openssh that exercises this library is out of date; I am merely bringing it up to be compatible with the SELinux infrastructure we will be shipping in Etch. I am not _adding_ selinux code to openssh; I am _updating_ code that already exists. manoj -- There's a fine line between courage and foolishness. Too bad it's not a fence. Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/~srivasta/> 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]