Drawing lessons from fatal SELinux bug #1054350
kevin.kofler at chello.at
Sat Jan 25 18:10:16 UTC 2014
Dominick Grift wrote:
> Sure, what i am saying is that this could have been prevented if the
> team just put a little more passion into it and also did some proof
> reading/coordination. The team knows whats going on. They know the
> issues and they can quickly and effortlessly identify issues like these
> if only they would take some time to watch each others commits.
Looking at the history of the involved bugs, using manual pushes rather than
the broken karma automatism and taking into account Bugzilla comments, not
just Bodhi comments, would probably also have prevented this fiasco. One of
the bugs (not the one that ended up becoming the canonical bug, but an
earlier one) was reassigned to selinux-policy fairly quickly.
One of the major flaws in the Bodhi karma system is that it cannot possibly
see what happens in Bugzilla.
> Never the less, I think this issue could have been prevented even before
> a package was spun.
Yes, by disabling SELinux by default. :-)
More information about the devel