Drawing lessons from fatal SELinux bug #1054350

Fri Jan 24 20:17:03 UTC 2014

On Fri, 24 Jan 2014 11:14:50 -0800, Adam Williamson wrote:

> It's not at all
> obvious to anyone that you ought to test update/install of another
> package in order to validate an update to selinux-policy-targeted .
> Hell, I don't do that.

Amazing.

https://admin.fedoraproject.org/updates/FEDORA-2014-0806/selinux-policy-3.12.1-116.fc20

 | selinux-policy-3.12.1-116.fc20 critical path bugfix update

https://fedoraproject.org/wiki/Critical_path_package#Actions

How to understand that?

Especially with regard to downloading builds from koji, installing them
manually and voting +1 even before a test update has entered the repo.

The fast people, who do that regularly in addition to a daily yum update,
could not escape from this bug. On the contrary, other users who don't
update often, have skipped the bad selinux policy update.

I consider it likely that the testers would have noticed Yum/RPM update
errors, if only they had used their updated systems normal for let's say
one or two days and at least one reboot.

There's also

  fedora-easy-karma --installed-min-days=4

which is can very helpful, since you won't be asked for updates installed
just a few minutes ago.

Also let's not forget, for testing an selinux-policy-targeted update,
you ought to run with SELinux in enforcing mode.

> The 'comment' field exists to allow people to express all these things,
> but as it's just a completely free-form text field,

... and even can be left empty :(  so a packager doesn't get any
explicit feedback from the tester other than the +1.

> Those are just examples: the point is that what we badly need here is a
> more expressive and flexible system. (As well, as I've said elsewhere in
> the discussion, as a good automated test for this specific and
> well-known category of 'delayed action' update problems).

Is it so hard for testers to slow down a bit until such a system will be
available? ;-)