SELinux RPM scriplet issue annoucement

Reindl Harald h.reindl at thelounge.net
Sun Jan 19 19:06:45 UTC 2014



Am 19.01.2014 20:00, schrieb drago01:
> On Sun, Jan 19, 2014 at 7:32 PM, Jonathan Dieter <jdieter at lesbg.com> wrote:
>> On Sun, 2014-01-19 at 19:15 +0100, drago01 wrote:
>>> On Sat, Jan 18, 2014 at 9:47 PM, Rahul Sundaram <metherid at gmail.com> wrote:
>>>> Hi
>>>>
>>>> Since updates don't automatically fix the issue created by
>>>> https://bugzilla.redhat.com/show_bug.cgi?id=1054350 and users are required
>>>> to run a set of steps as a workaround,  shouldn't this be announced via the
>>>> fedora announce list and posted in the Fedora website prominently as well?
>>>
>>> So it happened .. how do we prevent it in the future? How did it pass testing?
>>
>> Should we modify rpm so scriptlet failures aren't fatal?  This is the
>> second time in the last six months or so that I've seen scriptlet
>> failures cause major update problems in Fedora, solely because they are
>> fatal (see https://bugzilla.redhat.com/show_bug.cgi?id=989145).
> 
> Well updates should be atomic so you either have the previous
> (working) start or the new working state and thing in between.
> 
> Yes this requires a bit of work but isn't impossible (requires some
> infra at a lower level though)

which would mean disallow scriptlets at all - but you hardly can
do anything scriptlets are doing in a different way

one problem is that many scriptlets are not that important or
fail only on the second update still containing them after
already applied - in that cases have them non-fatal would
avoid dupes with no harm

IMHO this problem is not solveable

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140119/d399750e/attachment-0001.sig>


More information about the devel mailing list