SELinux RPM scriplet issue annoucement

Reindl Harald h.reindl at
Sun Jan 19 19:06:45 UTC 2014

Am 19.01.2014 20:00, schrieb drago01:
> On Sun, Jan 19, 2014 at 7:32 PM, Jonathan Dieter <jdieter at> wrote:
>> On Sun, 2014-01-19 at 19:15 +0100, drago01 wrote:
>>> On Sat, Jan 18, 2014 at 9:47 PM, Rahul Sundaram <metherid at> wrote:
>>>> Hi
>>>> Since updates don't automatically fix the issue created by
>>>> and users are required
>>>> to run a set of steps as a workaround,  shouldn't this be announced via the
>>>> fedora announce list and posted in the Fedora website prominently as well?
>>> So it happened .. how do we prevent it in the future? How did it pass testing?
>> Should we modify rpm so scriptlet failures aren't fatal?  This is the
>> second time in the last six months or so that I've seen scriptlet
>> failures cause major update problems in Fedora, solely because they are
>> fatal (see
> Well updates should be atomic so you either have the previous
> (working) start or the new working state and thing in between.
> Yes this requires a bit of work but isn't impossible (requires some
> infra at a lower level though)

which would mean disallow scriptlets at all - but you hardly can
do anything scriptlets are doing in a different way

one problem is that many scriptlets are not that important or
fail only on the second update still containing them after
already applied - in that cases have them non-fatal would
avoid dupes with no harm

IMHO this problem is not solveable

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the devel mailing list