Bug 120211
Summary: | SELinux FAQ - what is the relationship between policy and policy-sources packages? | ||
---|---|---|---|
Product: | [Fedora] Fedora Documentation | Reporter: | Karsten Wade <kwade> |
Component: | selinux-faq | Assignee: | Karsten Wade <kwade> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Tammy Fox <tammy.c.fox> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | devel | CC: | dwalsh, gczarcinski |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/ | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-04-08 19:02:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 118757 |
Description
Karsten Wade
2004-04-06 20:32:00 UTC
How does this write-up sound? I'm going to hold it for 1.0-6, I reckon. ## begin Q:. What is the relationship between the policy and policy-sources packages? A:. The policy package is a requirement for a working SELinux installation, while policy-sources is required if you want to customize the default policy. The policy package has the minimum files necessary for defining the SELinux security policy. It is kept trimmed down in size to support a minimal install footprint. The policy-sources package contains the source definitions in /etc/security/selinux/src that are required to create the files /etc/security/selinux/file_contexts and /etc/security/selinux/policy.<version>. <version> is the version number of the policy. Choosing which packages to install is based on the type of installation. If you are going to use only the default security policy defined by the Fedora Core developers, you only need the policy package. If you are to customize your security policy in any way, or otherwise want to run setools, you need to install policy-sources. Installing or updating the policy package loads the new policy after it installs the files. Similarly, installing or updating the policy-sources package rebuilds the policy.<version> file as well as the file_contexts file, then loads them as the currently effective policy. ## 30 I'm going to include this in 1.0-6; if there are any problems with my write-up, please file a new bug report. |