Managing SELinux in the Enterprise
Daniel J Walsh
dwalsh at redhat.com
Fri Oct 17 21:03:53 UTC 2014
Here is the patch that has sped up the installing of selinux policy 10
times for openstack.
If you are making lots of changes to selinux policy, you should always
use a transaction.
On 10/17/2014 03:18 PM, Daniel J Walsh wrote:
> Ryan can you attach the opestack-selinux.spec file we worked on a couple
> of weeks ago. Or give us a link were you can find it.
>
>
> On 10/13/2014 08:33 AM, Lukas Zapletal wrote:
>>> The openstack-selinux rpm package has a bunch of operations being done
>>> within a transaction, including setting network ports, booleans and
>>> default file labeling.
>> Dan, would you mind sharing the URL/git repo link? I was only able to
>> find the policy itself, I'd like to see the SPEC file. I don't see any
>> content in the fedora distgit.
>>
>> We (Satellite 6 / Foreman) team take several approach, which was
>> initially inspired from Satellite 5 / Spacewalk. We also put things into
>> transactions and stuff. I'd like to compare with OpenStack if we can
>> improve.
>>
>> https://github.com/theforeman/foreman-selinux
>>
>> Thanks!
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openstack-selinux.patch
Type: text/x-patch
Size: 2447 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20141017/042771b2/attachment.bin>
More information about the selinux
mailing list