What's the right place to put application-specific policy modules, such as the mock policy outlined here: http://fedoraproject.org/wiki/Extras/MockTricks
Should those files get compiled into modules, and installed, using mock's SRPM, or should they go into selinux-policy-targeted?
Seth Vidal wants to push out a new mock build soonish, and this is something I'd like cleared up before that if possible.
Thanks, Matt
On Thu, 2006-06-01 at 13:51 -0500, Matt Domsch wrote:
Should those files get compiled into modules, and installed, using mock's SRPM, or should they go into selinux-policy-targeted?
Right now, they should go into the main policy package. Work is underway to allow reasonable packaging of policy within other packages, but there are some dependencies there which need to be handled first.
Also, I'm not 100% convinced that relaxing what mock is allowed to do unconditionally like is described there is the best approach. Not that anything better is immediately coming to mind at the moment :-/
Jeremy.
buildsys@lists.fedoraproject.org