On Mon, 29 Feb 2016 02:47:04 AM Laurent Bigonville wrote: > Le 28/02/16 11:05, Russell Coker a écrit : > >> the easiest would be to do like fedora and install the modules directly > >> in the /var/lib/selinux/<policy>/100 store instead of copying/loading > >> them at installation time > > > > Do you mean having files in the package under /var/lib? If so that seems > > like a FHS violation. Why not just keep them under /usr/share/selinux > > and symlink them? > > There are a lot of packages that ships files in /var/lib.
I'm sure that you can find many ways in which there are a lot of broken packages in Debian or in any other distribution. That said if we have a strong precedent in Debian for doing things a certain way it is an argument for doing more of the same. > Are you sure you are not thinking about /var/run? https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard # State information. Persistent data modified by programs as they run, e.g., # databases, packaging system metadata, etc. The above section from the above URL suggests that package maintained files aren't suitable. The description of /usr is: # Secondary hierarchy for read-only user data; contains the majority of # (multi-)user utilities and applications. For /usr/share it says: # Architecture-independent (shared) data. I think that /usr/share is the best place for it. If /var/lib has symlinks into /usr/share then files which aren't changed can be replaced by a package upgrade while files that are modified by utilities can stay modified. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
