Am 25.07.2013 21:06, schrieb drago01:
On Thu, Jul 25, 2013 at 9:01 PM, Reindl Harald h.reindl@thelounge.net wrote:
There might still be bugs in them (and/or in the selinux-policy package). Being more specific would be way more productive. Like "my app tries to do X but fails with the following message"
my app does not exist outside the own infrastrcuture
How does that even matter? That does not mean that your app is unfixable. Unless it is a closed source thing and your developer left.
the developer am i
"I have a custom developed app that tries to do X but then I get an AVC like ....." is a completely valid bug report.
You will either get an answer like "do it that way instead and it will work" or "oh this is a bug fixed in selinux-policy version foo.x.y"
you refuse to understand that "do it that way instead" is no otpion for some hundret thousand lines of code working *perfectly* since years and have to work togehter on a whole cluster
however, im am not interested to discuss a lifetime-work doing exactly as it should which can be *more* secure as it already is with two lines in a systemd-unit which is done, up and working for hours
someone may consider to do the same or not it does not have impact on my workload