From: bigon@debian.org (Laurent Bigonville) Date: Fri, 10 Jan 2014 12:47:48 +0100 Subject: [refpolicy] Transition unconfined users to dpkg_t domain In-Reply-To: <52CF0743.4050305@tycho.nsa.gov> References: <20140107132919.5779c6c0@soldur.bigon.be> <20140107181207.13f8826d@soldur.bigon.be> <20140109132449.783398e6@soldur.bigon.be> <1389275208.14773.43.camel@x220.localdomain> <20140109165738.77a1d0a8@soldur.bigon.be> <1389283972.15747.21.camel@x220.localdomain> <20140109171932.2c48b131@soldur.bigon.be> <1389285402.15747.31.camel@x220.localdomain> <52CF05E6.7070904@redhat.com> <52CF0743.4050305@tycho.nsa.gov> Message-ID: <20140110124748.3d3bac9c@soldur.bigon.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Le Thu, 09 Jan 2014 15:32:03 -0500, Stephen Smalley a ?crit : > On 01/09/2014 03:26 PM, Daniel J Walsh wrote: > > > > It has been like that for years. Might have been a chicken and egg > > problem on initial install. RPM Now has better flexibility. > > bootstrapping issue - needed to know the right domain prior to any > policy files being installed on the filesystem. Does that means that rpm and dpkg are supposed to work even if the files in /etc/selinux/ are missing? With dpkg (that use the rpm_execcon-like function) I'm getting the following error in that case: cannot get security labeling handle: No such file or directory