On Tue, Jul 5, 2016, at 03:18 PM, Colin Walters wrote: > On Mon, Jun 27, 2016, at 05:04 AM, Miroslav Grepl wrote: > > > So we could start to discuss how it is possible to ship new policy on > > Atomic to solve these urgent issues.
Wait, I may have been confused here. Is this actually just solving: https://bugzilla.redhat.com/show_bug.cgi?id=1290659 In that case I'd still lean a bit more towards: https://bugzilla.redhat.com/show_bug.cgi?id=1290659#c24 It shouldn't be too hard for us to carry a delta in rpm-ostree to undo the move to /var - then you don't have to have a separate policy build. As long as the selinux userspace isn't confused by this and knows how to look in both /etc/selinux and /var. (It would be nice to consider moving the RPM back even on yum-managed systems)
