Description of problem: We need support for rpm to install the policy module and updating the kernel before placing files down on the system. It then needs to trigger an update of file context when complete.
Could you give more details of your requirements and expectations.
Yes I was just putting this as a place holder since I think we need to discuss this in a meeting. What I am envisioning right now, is something where the specfile would indicate the policy files %(policy) myapp.pp And this file could be placed in some temporary location on the system and a semodule -i /TMPLOCATION/myapp.pp would happen. This would cause the policy to be rebuilt and reload and the file_context file to be updated. At this point the rpm would proceed to place files on disk. Two problems with this is that if several packages were providing policy, each one would need to do the semodule thing and this would take a very long time. So it would be better if we could put them into some kind of transaction. So all policy files get updated first. Then the RPMs get installed. Finally as a post install step the file context difference program would be run to fix any file contexts that had been altered. Dan
Extracting myapp.pp from payload in order to do %pretrans is the fundamental design problem. Adding myapp.pp to metadata bloatery, either through additional tag, or by inlining in %pretrans, is the dirty and expedient hack. Anything else will require extensive changes, like splitting into subtransactions, or reading the payload multiple times.
User pnasrat's account has been closed
Reassigning to owner after bugzilla made a mess, sorry about the noise...
Adding FutureFeature keyword to RFE's.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Hmm, no news for 9 years... There is a selinux plugin nowadays. I just assume that it does what is needed. Closing.