From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-46855-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QoGlF-00080W-Rs
	for garchives@archives.gentoo.org; Tue, 02 Aug 2011 15:20:02 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 9581521C0E8;
	Tue,  2 Aug 2011 15:19:53 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 7F58421C125
	for <gentoo-dev@lists.gentoo.org>; Tue,  2 Aug 2011 15:19:24 +0000 (UTC)
Received: from [192.168.3.7] (cpe-74-77-238-39.buffalo.res.rr.com [74.77.238.39])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: blueness)
	by smtp.gentoo.org (Postfix) with ESMTPSA id B9DC71BC004
	for <gentoo-dev@lists.gentoo.org>; Tue,  2 Aug 2011 15:19:23 +0000 (UTC)
Message-ID: <4E381579.6010103@gentoo.org>
Date: Tue, 02 Aug 2011 11:19:21 -0400
From: "Anthony G. Basile" <blueness@gentoo.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110705 Lightning/1.0b3pre Lanikai/3.1.10
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] POSIX capability in Gentoo
References: <4E356A0C.7070004@gentoo.org>	<CADqQcK4RL8bWessPds+4sHa7TLR3Fj0-T68WEiuZK+Lo1oroew@mail.gmail.com>	<4E35B468.10604@gentoo.org>	<20110802090832.2cd03a32@pomiocik.lan>	<4E3809AA.2050609@gentoo.org>	<20110802153134.7cab1727@googlemail.com>	<4E380EEA.6080505@gentoo.org>	<20110802155454.5fb24cb4@googlemail.com>	<4E38123E.90709@gentoo.org> <20110802160554.68059c64@googlemail.com>
In-Reply-To: <20110802160554.68059c64@googlemail.com>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 
X-Archives-Hash: 1df65c6b1908bcabc772faa927a0c1ef

On 08/02/2011 11:05 AM, Ciaran McCreesh wrote:
>>> Please don't.
>> > 
>> > Why would this be bad?
> Because going behind the package mangler's back results in horribly
> screwed up systems (as anyone who's ever used lafilefixer will tell
> you...).

Is rlpkg going behind the PM's back when it does selinux labelings?  I
know there are difference, but if there's a screwup in some policy, it
also leads to horribly screwed up system.  Nonetheless, I'm not
insensitive to what you are saying, and I think the safer approach would
be to write a howto and show the user how to manually convert some
typical binaries.  There are only a handful that would be targeted.

-- 
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail    : blueness@gentoo.org
GnuPG FP  : 8040 5A4D 8709 21B1 1A88  33CE 979C AF40 D045 5535
GnuPG ID  : D0455535