[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SE Linux policy update

On Sat, 2011-03-19 at 14:58 +1100, Russell Coker wrote:
> On Sat, 12 Mar 2011, "Adam D. Barratt" <adam@adam-barratt.org.uk> wrote:
> > On Fri, 2011-03-11 at 23:21 +1100, Russell Coker wrote:
> > > These are all serious updates that can be considered as "a truly critical
> > > functionality problem" for some users.
> > 
> > "Truly critical for some users" is a fairly large set of issues,
> > particularly for small values of "some".  Have all of your proposed
> > changes been tested on Squeeze systems to ensure that they operate
> > correctly in that environment and don't introduce any regressions?
> They have all been tested on multiple systems.  Also many of the changes are 
> related to things that didn't work at all previously so there was little scope 
> for regression.


> > >    * Add tunable user_manage_dos_files which defaults to true
> > 
> > What's the current behaviour?  All users can manage such files, or none
> > can?
> None.

Hmmm, so this is introducing a behaviour change.

> > >    * Dontaudit bind_t write attempts to / for lwresd calling access(".",
> > >    W_OK)
> > 
> > "Don't audit"
> Stops filling the logs when the daemon is just asking whether the directory is 
> writable.

I guessed what the change was for, but was commenting on the fact that
the changelog entry said "Dontaudit", which looked like it should have
been "don't audit"; apologies if that wasn't clear enough.

> Now what's the procedure for uploading it?  Do I just replace "unstable" with 
> "stable" in the changelog, use the version number you requested, and then 
> upload it?

It looks like you've done that in the meantime.

p-u-NEW's been frozen for the past week in preparation for the point
release later today, and DSA are planning to upgrade the machine to
Squeeze later in the day, so we'll start working through the queue again
over the next few days.



Reply to: