|Main Archive Page > Month Archives > selinux archives|
On 2010-01-11 James Carter wrote:
> On Fri, 2010-01-08 at 16:27 -0500, Caleb Case wrote: <snip>
>>> 3) I can't remove the permissive domain created before the migration
>>> because the default priority level is 400, but the script put
>>> everything at priority 100 and I don't know how to change the priority
>>> for semanage.
>> >> semanage hasn't been updated yet to let you specify priorities. >> > I noticed. ;) > So why does the migration script put everything into priority 100 > instead of the default priority? >
priority 100 is for policies distributed by the distro, 400 is default for user actions (eg., running semodule without adding a priority)
I guess we could add some smarts to the migration script to put things like permissive modules and "local.pp" kinds of modules at 400.
or add a list of modules distributed by red hat *shrug*
I'm not sure any of these are good ideas, but they might soften the migration blow. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to firstname.lastname@example.org with the words "unsubscribe selinux" without quotes as the message.