Drawing lessons from fatal SELinux bug #1054350

Richard W.M. Jones rjones at redhat.com
Sat Jan 25 10:43:22 UTC 2014


On Fri, Jan 24, 2014 at 11:14:50AM -0800, Adam Williamson wrote:
> On Fri, 2014-01-24 at 19:26 +0100, Michael Schwendt wrote:
> 
> > > * That update made it out to the stable updates! In other words, the 
> > > draconian Update Policies that were enacted in a vain attempt to prevent 
> > > such issues from happening utterly failed at catching this bug.
> > 
> > Those policies are not "draconian" enough [1]. On erroneous belief that
> > a +1 from three different testers would mean that the update has seen
> > enough testing, the test update has been published with the default karma
> > threshold of +3. The testers have failed. It's too simple for testers to
> > rush through the voting in bodhi without testing the updates
> > > painstakingly. "The faster the better" has led to a fatal mistake in
> > this case.
> 
> I think that's being unnecessarily harsh on the testers. It's not at all
> obvious to anyone that you ought to test update/install of another
> package in order to validate an update to selinux-policy-targeted .
> Hell, I don't do that.

Doesn't / can't AutoQA (or whatever we're calling it these days) pick
up the new package, install it in a VM, and run through some automated
tests:

 - Does Fedora still boot with this package added?
 - Does GNOME still come up?
 - Does yum still work?

At least the third one might have automatically found this bug.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/
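The three questions in Rich's message translate directly into a smoke-test gate. The script below is an added example, not Rich's code and not AutoQA/Taskotron: it assumes a hypothetical outer wrapper has already booted a VM with the candidate update installed and then runs this script inside the guest. The checks file format ("name|command") and the three Fedora checks are constructed for the example.

```shell
#!/bin/sh
# Added example (not Rich's code, not AutoQA/Taskotron): a minimal smoke-test
# gate of the kind described in the message. It assumes some outer wrapper
# (hypothetical) has already booted a VM with the candidate update installed
# and then runs this script inside the guest. Each check is one line of the
# form "name|command"; a check passes when the command exits 0.

# run_checks FILE
#   Prints PASS/FAIL per check and returns the number of failed checks
#   (0 means the update cleared the gate).
run_checks() {
    checks_file=$1
    failures=0
    while IFS='|' read -r name cmd; do
        # Skip blank lines and comments in the checks file.
        case $name in ''|'#'*) continue ;; esac
        # stdin comes from /dev/null so a command that reads its input cannot
        # swallow the rest of the checks file.
        if sh -c "$cmd" </dev/null >/dev/null 2>&1; then
            printf 'PASS  %s\n' "$name"
        else
            printf 'FAIL  %s\n' "$name"
            failures=$((failures + 1))
        fi
    done < "$checks_file"
    return "$failures"
}

# gate_update FILE
#   Runs the checks and prints a verdict; exit status 0 only if all passed.
gate_update() {
    if run_checks "$1"; then
        echo "VERDICT: all smoke tests passed; update can go on to karma voting"
        return 0
    else
        n=$?
        echo "VERDICT: $n smoke test(s) failed; hold the update"
        return 1
    fi
}

# write_fedora_checks FILE
#   Constructed checks list matching Rich's three questions.
#   'systemctl is-system-running' exits non-zero on a degraded boot, which is
#   the point. 'yum check-update' is deliberately avoided: it exits 100 when
#   updates exist, which would read as a failure here.
write_fedora_checks() {
    cat > "$1" <<'EOF'
# name|command
boots|systemctl is-system-running
gnome-up|pgrep -x gnome-shell
yum-works|yum -q list installed yum
EOF
}

# Only run the real gate when explicitly asked (needs a Fedora guest):
#   SMOKE_RUN=1 sh smoke-gate.sh
if [ "${SMOKE_RUN:-0}" = 1 ]; then
    checks=$(mktemp)
    write_fedora_checks "$checks"
    gate_update "$checks"
fi
```

The gate's exit status is what the wrapper would feed back to bodhi: a non-zero result means the update should not be pushed regardless of how many +1 votes it has collected. The yum check is the one that would most plausibly have tripped on the selinux-policy-targeted bug discussed in the thread.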