Description of problem:
Due to different timelines of Gluster and RHEL product we have lot of Z-stream erratas in RHEL because of changes in Glusterd SELinux module which is shipped by selinux-policy in RHEL base. This is quite uncomfortable for both sides (selinux-team and gluster team). We have solution for this situation. Glusterd SELinux module can be shipped by Gluster team by own (sub)package. For more info please see:
Shipping a custom SELinux policy together with product bring several benefits:
Changes in a policy can be modified immediately, so the product package maintainer does not need to wait until the distribution SELinux policy is updated.
Policy changes in product SELinux policy can be released together with changes in product package so SELinux policy will be always synchronized with a product.
Product package can follow different timeline deadlines then SELinux policy package, this can cause issues and customer can get new product package version without necessary changes in SELinux policy and this can block some functionality of a product.
Actual results:
Glusterd SELinux module is part of selinux-policy package in RHEL.
Expected results:
Glusterd SELinux module will be part of glusterd package.
This issue was not selected to be included in Red Hat Enterprise Linux 7.7 because it has been stalled for some time and the very next release will be in Maintenance Support 1 Phase, which means that qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available.
We will now close this issue and continue the effort in Red Hat Enterprise Linux 8.