Le Thu, 1 May 2014 17:57:02 +0200, Holger Levsen <[email protected]> a écrit :
> Hi Laurent, > > On Donnerstag, 1. Mai 2014, Laurent Bigonville wrote: > > I've attached a patch that is implementing the change. > > great! > > > If /selinux is > > present, the selinuxfs will be mounted there. This directory was > > shipped by libselinux package until wheezy (even if in wheezy it was > > mounted already to the new location). > > ack > > > The patch is also changing the way the selinuxfs is mounted. The > > selinuxfs is now bind mounted and then set to read only. This is > > needed to make think the userspace that selinux is disabled, > > otherwise dpkg will simply fail if the selinux policy is not > > installed in the chroot (see: #734193) > > ic. selinux doesnt work in chroots at all? On my SELinux enabled machine, piupart is indeed not working properly because of this. This is only valid for sid/jessie versions of dpkg but this can hardly be called a regression as if the policy is not present on disk this might mean that something wrong is already happening. > > I've also added a soft dependency against python-selinux to use the > > python API to detect if selinux is enabled instead of using > > selinuxenabled executable. If you don't agree with this, I can > > revert this change. > > Yes, I think a recommends is too much here, as recommends are > installed by default. So please revert this bit. Besides that, the > patch looks fine. OK > > I would prefer if you could also give me a pull request or send a git > patch via email... else I'll just take your patch from here... I'll do that. > > Thanks! > > > cheers, > Holger _______________________________________________ SELinux-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
