mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-01 03:02:07 +00:00
60c780ffb6
Change the way libsemanage handles disabled modules. In the current method libsemanage renames the FOO.pp file to FOO.pp.disabled and then the rebuild process ignores *.disabled modules. Since we want to start shipping /etc/selinux/targeted/modules/active/modules/*.pp within the payload of the rpm. If we continued this method, a policy update would re-enable a module. The new mechanism will just create a symbolic link between FOO.pp and FOO.pp.disabled. Then the library will check all modules, and if a module has a link, it will not be compiled into the policy. This solves the rpm update problem. and actually gives us an easier update capability since if FOO.pp.disabled already exists using the old method, it will continue to work with the new method. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com> |
||
|---|---|---|
| .. | ||
| example | ||
| include | ||
| man | ||
| src | ||
| tests | ||
| .gitignore | ||
| ChangeLog | ||
| COPYING | ||
| Makefile | ||
| VERSION | ||