please unblock refpolicy/0.0.20061018-3

To: debian-release@lists.debian.org
Subject: please unblock refpolicy/0.0.20061018-3
From: Manoj Srivastava <srivasta@ieee.org>
Date: Mon, 15 Jan 2007 23:38:37 -0600
Message-id: <[🔎] 87y7o3sf8i.fsf@glaurung.internal.golden-gryphon.com>
Mail-followup-to: debian-release@lists.debian.org

Hi,

        This upload fixes one FTBS bug (by moving the stamp files in
 ./debian), and there policy fixes that now allow dcc, clamd, and
 courier-* packages to work under SELinux targeted policy. Since the
 latter two are often found on servers, which is a prime target for
 SELinux systems, I think that these changes merit a freeze
 exception. 

        Please consider.

        manoj

 refpolicy (0.0.20061018-3) unstable; urgency=high
 * Bug fix: "refpolicy: FTBFS: /bin/sh: debian/stamp/config-strict: No
   such file or directory", thanks to Lucas Nussbaum. This was fixed
   by moving all the stamps into ./debian instead. I'll re-visit the
   ./debian/stamp/ directory in lenny. This is a pretty minor
   packaging change.  (Closes: #405613).
 * Bug fix: "selinux-policy-refpolicy-targeted: Policy for dcc misses
   Debian's FHS paths", thanks to Devin Carraway. From the bug report:
   Many of the files in these packages are overlooked when labelling
   files, because refpolicy's dcc module stipulates paths not
   consistent with the Debian FHS layout.  The files go unlabelled and
   dcc-client (at least) stops working. The two major problems are the
   references to /usr/libexec/dcc (damons, placed in /usr/sbin by the
   Debian packages) and to /var/dcc (all sorts of things, placed under
   /var/lib/dcc).  A side effect of the latter is that dccifd_t and
   probably others need search on var_lib_t, through which it must
   pass to get to /var/lib/dcc.  Fixed the policy; will send upstream.
                                                     (Closes: #404309).
 * Bug fix: "selinux-policy-refpolicy-targeted: clamav policy forbids
   clamd_t search on /var/lib", thanks to Devin Carraway.  This is a
   simple one line change, and obviously an oversight; I think getting
   clamd to work is fairly important.  (Closes: #404895).
 * Bug fix: "selinux-policy-refpolicy-targeted: Multiple problems with
   courier policy", thanks to Devin Carraway.  There is detailed
   information of the changes made in the bug report, and in the
   commit logs. Again, fixing courier daemons seems pretty important;
   SELinux tends to get used a lot on remote mail servers, and this
   fixes issues with the policy.  (Closes: #405103).

-- 
People are beginning to notice you.  Try dressing before you leave the
house.
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

Follow-Ups:
- Re: please unblock refpolicy/0.0.20061018-3
  - From: Marc 'HE' Brockschmidt <he@ftwca.de>

Prev by Date: Re: mediawiki1.7 in etch..
Next by Date: Re: I ask to put libapache2-mod-fcgid into etch
Previous by thread: Please unblock tenshi 0.4-1.1
Next by thread: Re: please unblock refpolicy/0.0.20061018-3
Index(es):
- Date
- Thread