#630 selinux requirements in review and guidelines
Closed: duplicate 10 months ago Opened 3 years ago by jhogarth.

I was reading through the guidelines for packages and reviews yesterday when I was planning on handling some package review requests when it came as a surprise I could find nothing at all about selinux.

In #fedora-devel sgallagh kindly let me know the present situation is not working with selinux enforcing is not a blocker to a review if it's not shipping on any blocking media, partially due to the high barrier to entry and partially due to a chicken/egg situation.

I wanted to suggest an addition to the Packaging Guidelines that makes this clear and to the Review guidelines to add to the SHOULD criteria something like:

The application should run with selinux enforcing, if it does not a ticket should be filed against selinux-policy

That way at least we can begin tracking which packages (okay it's new packages as a new review guideline ... but still) cause users to disable the security provided by selinux and act to provide policy for these where required.


We discussed this at this weeks meeting (http://meetbot.fedoraproject.org/fedora-meeting-1/2016-06-23/fpc.2016-06-23-16.00.txt):

  • Ticket #630 selinux requirements in review and guidelines (geppetto,
    16:12:06)
  • Need real info on filing bugs. (geppetto, 16:24:50)
  • ACTION: A proper draft is required. (geppetto, 16:25:04)

Metadata Update from @james:
- Issue assigned to james

2 years ago

Metadata Update from @tibbs:
- Issue close_status updated to: None
- Issue tagged with: draftneeded

2 years ago

Metadata Update from @ignatenkobrain:
- Issue close_status updated to: duplicate
- Issue status updated to: Closed (was: Open)

10 months ago

Login to comment on this ticket.

Metadata