selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [PATCH 03/13] libsemanage: move the module store to

Re: [PATCH 03/13] libsemanage: move the module store to /var/lib/selinux

From: Stephen Smalley <sds_at_nospam>
Date: Fri Jan 08 2010 - 15:19:12 GMT

On Fri, 2010-01-08 at 09:50 -0500, James Carter wrote:
> On Fri, 2010-01-08 at 09:28 -0500, Stephen Smalley wrote:
> > On Wed, 2009-12-23 at 18:25 -0500, Caleb Case wrote:
> > > This patch moves the module store from /etc/selinux/<store>/modules to
> > > /var/lib/selinux/<store>.
> >
> > Can the path prefix (i.e. /var/lib/selinux) be made configurable?
> >
> There would be no other prefixes other than /var/lib/selinux
> or /etc/selinux, or do you have something else in mind?
> I guess that you are thinking of backwards compatibility, but you still
> won't have it even if you change the prefix because the directory
> structure is different (priority directories and such). I don't see
> what you would gain with changing the prefix.

I just dislike the notion that to change the location one would have to recompile the library. Even worse, one would have to modify the sources versus just altering a -D flag in the Makefile specifying the path prefix. We already have one such case in libsemanage with a FIXME comment next to it; I didn't want to extend the set of such cases. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to with the words "unsubscribe selinux" without quotes as the message.