rpms/pam_ssh/F-8 pam_ssh.te,NONE,1.1 pam_ssh.spec,1.13,1.14
Rex Dieter
rdieter at math.unl.edu
Mon Nov 26 14:08:02 UTC 2007
Patrice Dumas wrote:
> On Mon, Nov 26, 2007 at 03:20:33PM +0300, Dmitry Butskoy wrote:
>> [snip]
>>
>>> +%post
>>> +semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp || :
>>> +
>>> +%postun
>>> +if [ "$1" -eq "0" ]; then
>>> + semodule -r %{module} || :
>>> +fi
>>>
>>
>> AFAIK a lot of people just do not use SELinux and even prefer to remove
>> its packages. It seems to me that a hard requirement of "policycoreutils"
>> is not a good thing here.
other than a few MB's, it's mostly harmless. *shrug*.
>> Maybe just check in %post and %postun whether the "semodule" binary is
>> present (i.e., "[ -x /usr/sbin/semodule ] && ....")? Or use %triggerin
>> for policycoreutils...
>
> %triggerin should really be avoided.
Why? it would appear that it would work to satisfy the requirements here.
-- Rex
More information about the devel
mailing list