SELinux RPM scriplet issue annoucement

Lukas Zapletal lzap at
Fri Jan 24 16:34:19 UTC 2014

One note on that topic:

I found myself giving karma to an update, while I tested different
version (actually a completely different build). It would be good if
giving karma would require to insert a hash or something generated from
the package itself (rpm -q -qf something package), header or signature.
Portal could check the hash and only accept karma for those users, who
obviously installed the package. It could be optional as well.

This could prevent mis-giving karma while testing different version of a
package. The portal could instruct user to run specific one (short)
command to get the hash and to put it in the form.

This is just an idea. Question arises when the package consist of
multiple subpackage (only to test the base one?) and also how much
intrusive this would be for folks.


 Lukas "lzap" Zapletal
 irc: lzap #theforeman

More information about the devel mailing list