Jonathan Underwood wrote:
On 11/06/07, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
I hope that everyone who is reporting that SELinux broke their machine
is reporting the bugs in bugzilla even if they are turning it off.
Being good community members. It is difficult to improve the product
without getting the bugzillas.
I try as much as I can to do this. But there's quite a lot of
confusion with F7 - with setroubleshoot, it frequently reports avc
denials, and tells you to file a bug report. Recently I did that, and
the bug was closed as NOTABUG and a comment to relabel the file. Left
me scratching my head, as surely that is a bug with the policy. Or
another package on the system - either way, the NOTABUG made me think
that the SElinux maintainers didn't want to hear every setroubleshoot
report I had, so I stopped reporting them.
Well I am one of the SELinux maintainer, and I probably told you it was
not a bug.
If the setroubleshoot tells you to relabel a file/directory try it. If
it works then don't report a bug unless it returns.
Several bugs are caused by doing upgrades and this might leave the file
system mislabeled. Other cases we might not know
what caused the file to be mislabeled, whether it was Human interaction
or an application. So if you do not have information about how it
became mislabeled we can not necessarily figure out what happened.
