= Proposed System Wide Change: SELinux policy store migration =
https://fedoraproject.org/wiki/Changes/SELinuxPolicyStoreMigration
Change owner(s):
* Petr Lautrbach <plautrba at redhat dot com>
* Miroslav Grepl <mgrepl at redhat dot com>
The newest SELinux userspace project release 2015-02-02 includes a change of
the location of the SELinux policy store, which defaults to /var/lib/selinux/.
== Detailed Description ==
In the SELinux userspace project release 2015-02-02, the SELinux policy store
was moved from /etc/selinux/<store>/modules/ to /var/lib/selinux/<store>/.
The new policy store
* has a new complex structure
* supports priority of modules
* the CIL language is used for cached modules
* original modules are converted using an HLL compiler in
/usr/libexec/selinux/hll/. The pp compiler converts pp format to CIL language.
== Scope ==
* Proposal owners:
- prepare SELinux userspace packages with the release 2015-02-02
- prepare SELinux policy packages with the new store location
- prepare a migration script for users modifications and modules
- check if all packages containing SELinux modules use the right location
- check if all SELinux modules used in Fedora packages are compatible with
the new SELinux userspace and are convertible to CIL language
* Other developers: N/A
* Release engineering: N/A
* Policies and guidelines:
- there's no need to update policies
- there might be guidelines which mention the old store location which
should be updated
* Trademark approval: N/A (not needed for this Change)
--
Jan Kuřík
_______________________________________________
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
