Re: Packaging ltp selinux tests
On Friday 15 May 2009 06:26:00 Jiří Paleček wrote:
> > I am not yet comfortable with my security policy changing just
> > because a package is installed. So far, even the policy packages do not
> > install the new policy, letting the security officer audit and manually
> > install policy.
> OK. Would you be comfortable with a debconf question on the subject, then?
I would be happy to have a Debconf question for whether an upgrade of a
regular policy package results in an upgrade of the running policy.
Having an LTP test package install a different policy is wrong. I don't think
that an LTP test package should make a system unusable for other things.