Your message dated Fri, 11 Aug 2017 12:44:51 -0700 with message-id <87o9rlx51o....@iris.silentflame.com> and subject line Closing inactive Policy bugs has caused the Debian Bug report #685992, regarding debian-policy: Document in the policy the way to properly set selinux labels on files and directories to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 685992: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685992 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: debian-policy Severity: wishlist Hi, On selinux enabled machine, when an initscript is creating a directory or a file it might end up not having the correct selinux label on disk. If the service is protected by selinux this will result in the service not working at all or having some weird behaviour. The proper way to fix the selinux file context is to call restorecon on the file/directory. Some initscripts in the archives are already implementing this alongside setting up the correct permissions (udev, rpcbind,...): [ -x /sbin/restorecon ] && /sbin/restorecon "$MYFILE" Some people wanted this (see bug #678719) to be explicitly documented in the policy before implementing it in their initscript. Could you please consider documenting this in the policy. Cheers Laurent Bigonville -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.4-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---control: user debian-pol...@packages.debian.org control: usertag -1 +obsolete control: tag -1 +wontfix Russ Allbery and I did a round of in-person bug triage at DebConf17 and we are closing this bug as inactive. The reasons for closing fall into the following categories, from most frequent to least frequent: - issue is appropriate for Policy, there is a consensus on how to fix the problem, but preparing the patch is very time-consuming and no-one has volunteered to do it, and we do not judge the issue to be important enough to keep an open bug around; - issue is appropriate for Policy but there does not yet exist a consensus on what should change, and no recent discussion. A fresh discussion might allow us to reach consensus, and the messages in the old bug are unlikely to help very much; or - issue is not appropriate for Policy. If you feel this bug is still relevant and want to restart the discussion, you can re-open the bug. However, please consider instead opening a new bug with a message that summarises and condenses the previous discussion, updates the report for the current state of Debian, and makes clear exactly what you think should change. A lot of these old bugs have long side tangents and numerous messages, and that old discussion is not necessarily helpful for figuring out what Debian Policy should say today. -- Sean Whitton
Description: PGP signature
--- End Message ---