| 1 |
On Sat, Apr 28, 2012 at 08:51:05PM -0400, Anthony G. Basile wrote: |
| 2 |
> Why are you trying to avoid a global variable? I'd think that's less of |
| 3 |
> a QA issue than a trigger file. |
| 4 |
|
| 5 |
Updated patch available on http://dpaste.com/748546/ |
| 6 |
|
| 7 |
It includes support for POLICY_FILES, allowing for 3rd party SELinux modules |
| 8 |
to be managed by Portage without interfering or making things more difficult |
| 9 |
for our policy. |
| 10 |
|
| 11 |
It also removes some of the dual logic that was available before (to handle |
| 12 |
bash arrays and single variables). By mapping arrays immediately towards |
| 13 |
single variables, I could also drop the use of either a trigger file or a |
| 14 |
global variable (as I can now just "query" the variable). |
| 15 |
|
| 16 |
Finally, the eclass now tries to load the SELinux module and, if it fails, |
| 17 |
it retries to load it but with all installed modules simultaneously. If that |
| 18 |
still fails, we inform the user that this might be expected if this isn't |
| 19 |
the last SELinux module installation (or upgrade). |
| 20 |
|
| 21 |
That last addition allows us to support SELinux upgrade easier. For |
| 22 |
instance, the failure(s) we had with 2.20110726 to 2.20120215 (modules |
| 23 |
failing to load because of unresolved or undefined references) are now |
| 24 |
handled automatically. |
| 25 |
|
| 26 |
The eclass is currently still in hardened-dev overlay. |
| 27 |
|
| 28 |
Wkr, |
| 29 |
Sven Vermeulen |
Archives