From: Joshua Brindle <jbrindle@tresys.com>
To: "Christopher J. PeBenito" <cpebenito@tresys.com>
Cc: Erich Schubert <erich@debian.org>, SE Linux <selinux@tycho.nsa.gov>
Subject: Re: VPN module
Date: Wed, 05 Apr 2006 11:04:13 -0400 [thread overview]
Message-ID: <4433DC6D.9020209@tresys.com> (raw)
In-Reply-To: <1144248600.12875.2.camel@sgc.columbia.tresys.com>
Christopher J. PeBenito wrote:
> On Wed, 2006-04-05 at 13:59 +0200, Erich Schubert wrote:
>> Hi,
>> I'll probably write a OpenVPN module sometime soon.
>> We already have a "vpn" module, but that is only for the vpnc client so
>> far.
>> Should I
>> - try to make a single module for both (I consider that a bad idea,
>> since vpnc is a client only for cisco VPNs, whereas OpenVPN can be used
>> as a full-blown VPN server and is much more flexible)
>> - rename the vpn policy to vpnc and make a new "openvpn" module?
>
> Creating openvpn will be fine, but the vpn module has to stay as is,
> because we can't rename modules, because it causes upgrade issues. For
> example, if you have a vpn module inserted, and you try to insert vpnc
> module, it fails because of duplicate symbols. Perhaps we need support
> in modules for one module to deprecate another, so if you insert the
> vpnc module, libsemanage automatically removes vpn as part of the
> transaction.
>
I think this is a package manager issue, not a module issue. Package
managers already know how to handle complex relationships and I don't
know why we would reproduce that in libsemanage.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2006-04-05 15:04 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-05 11:59 VPN module Erich Schubert
2006-04-05 14:49 ` Christopher J. PeBenito
2006-04-05 15:04 ` Joshua Brindle [this message]
2006-04-05 16:09 ` Erich Schubert
2006-04-14 18:51 ` Petre Rodan
2006-04-14 20:07 ` Christopher J. PeBenito
2006-04-17 22:18 ` Erich Schubert
2006-04-18 15:34 ` Christopher J. PeBenito
2006-04-17 22:23 ` Erich Schubert
2006-04-18 15:36 ` Christopher J. PeBenito
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4433DC6D.9020209@tresys.com \
--to=jbrindle@tresys.com \
--cc=cpebenito@tresys.com \
--cc=erich@debian.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.