Package: debian-policy
Severity: wishlist

Hi,

On a selinux-enabled machine, when an initscript is creating a directory
or a file, it might end up not having the correct selinux label on disk.
If the service is protected by selinux this will result in the service
not working at all or having some weird behaviour.

The proper way to fix the selinux file context is to call restorecon on
the file/directory. Some initscripts in the archives are already
implementing this alongside setting up the correct permissions (udev,
rpcbind,...):

[ -x /sbin/restorecon ] && /sbin/restorecon "$MYFILE"

Some people wanted this (see bug #678719) to be explicitly documented in
the policy before implementing it in their initscript.

Could you please consider documenting this in the policy?

Cheers

Laurent Bigonville

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.4-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

