more latest selinux policy change problems
Tom Lisjac
netdxr at gmail.com
Tue Jun 21 06:33:48 UTC 2005
On 6/20/05, Peter Magnusson <iocc at fedora-selinux.lists.flashdance.cx> wrote:
> Its fine to have it by
> default in new release of fedora but not CHANGE it in a update.
I agree. The 1.17.30-3.9 update was a scary experience. Fortunately
none of my production servers broke, but some of the Slackware boxes
I'm currently converting to Fedora have deeply embedded /www
directories. If they'd been in service and I had applied 1.17.30-3.9,
I guess they would have gone down.
Suggestion: Functional changes that can break existing installs
shouldn't be provided as normal updates... they should be included in
the next OS version. Otherwise, if the update policy is perceived to
put running servers at risk, it won't be long before the community
stops taking Fedora seriously.
Best regards,
-Tom
More information about the selinux
mailing list