Hi and happy new year! On 31.12.2012 13:05, Laurent Bigonville wrote: > Hello, > >> I've been having a quick look at the changes in 2.1.12-1. >> >> It seems you simply dropped the /selinux directory from the package. >> This should work fine for systems where selinux is not active. >> On systems where selinux is active and selinuxfs is mounted >> at /selinux, the directory will not be removed on upgrades. >> Do you think we need some special handling in the maintainer scripts >> to mount-move /selinux in preinst? >> >> Or does selinux in squeeze already use /sys/fs/selinux and /selinux is >> unused, so if you upgrade from squeeze to jessie there will be no >> mount at /selinux? I guess as you've uploaded to exp only, you don't >> plan to drop /selinux for squeeze? > > I guess you meant Wheezy here?
Indeed > Since Wheezy, libselinux will mount the selinuxfs on /sys/fs/selinux if > it's available during early boot (and will fallback to /selinux > otherwise). This is working well if the machine is booting with a > initramfs, I'm not sure if /sys/fs/selinux is available early enough if > a initramfs is not used (are we even supposed to support that kind of > situation?). > > So I would say, if somebody is upgrading from Wheezy to Jessie and the > selinuxfs is still mounted on /selinux, this is a special case (or a > user choice) and /selinux should not be removed. > > What do you think? The only thing I'm worried about is, that for systems where selinux is active, /selinux will never be removed, even if it is no longer used. I would suggest to add a mountpoint -q /selinux || rmdir --ignore-fail-on-non-empty /selinux to the preinst for the jessie package. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
