Description of problem: Time to start or stop cyphesis service is too big. I think it's because of semanage which is running on every start. Is it possible to do start/stop without it? I don't see any other service which do semanage ports. Version-Release number of selected component (if applicable): cyphesis-0.5.15-3.fc8
The only way to get rid of the semanage calls in the init script is to move the cyphesis selinux policy to the main selinux policy package. I'll file a request with the selinux policy maintainer to add it.
Ah, I see. But that way it'll be hard to update policy. I thought that policies that are modified with semanage are preserved between restarts. Could it be runned only at install and uninstall time?
(In reply to comment #2) > Ah, I see. But that way it'll be hard to update policy. Right. > I thought that policies that are modified with semanage are preserved between > restarts. Yes, they are. > Could it be runned only at install and uninstall time? The problem is the corner case where someone installs cyphesis-selinux with selinux disabled, then enables selinux. With selinux disabled, the calls to semanage at install time will fail and the ports won't get defined. Once the user turns selinux back on, the ports will not be defined and cyphesis will fail to start because the ports will be blocked. I see two choices here: * Live with the longer startup time * Move the selinux policy to the main selinux policy package, and live with the fact that updates may take a little longer
Well, cyphesis selinux policy isn't changing often. I think, if it solve long startup time problem, it can be moved to main selinux policy package.
The cyphesis port definitions that cause the slow startup time have moved to the main selinux-policy package for F-9. I'll close this bug as soon as I verify that the policy works.
I've reported bug#441272 about selinux error in current version.
Updating version to F9, as the selinux policy is not merged into the main selinux-policy package in F8.
cyphesis-0.5.15-7.fc9 has been submitted as an update for Fedora 9
I checked new package - cyphesis-0.5.15-init.patch should be removed as it is not needed any more.
My bad. I forgot to merge the patch from rawhide. Expect a new build soon...
New build with the updated init script: http://koji.fedoraproject.org/koji/buildinfo?buildID=51975
cyphesis-0.5.15-8.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cyphesis'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-5107
cyphesis-0.5.15-8.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.